Jump to content
Due to inclement weather in Southwest Florida, our Clearwater support team is offline. Our other offices are available to assist you, however their responses may be delayed. We appreciate your patience and understanding during this time. ×

BrowserSafeguard with RocketTab


ak14
 Share

Recommended Posts

I accidentally installed BrowserSafeguard with RocketTab. Uninstalling using Programs & Features does not work. Also tried Revo Uninstaller but the program doesn't show up at all there. My dad managed to keep it from running at startup by deleting some registry keys, but I still see it listed in Programs & Features and I want to be sure it is gone from my system. What do I need to do?

Link to post
Share on other sites

Minion%20Welcome.jpg

My name's Naathim and I'm a GeekU Minion! Now that we are mates and will be working together to clean your machine out of any junkware, feel free to call me Naat :)

Before we start please note the following:

  • Analysis and research take some time, also sometimes real life gets in the way, please be patient.
  • Limit your internet access to posting here, some infections just wait to steal typed-in passwords.
  • Don't run any scripts or tools on your own, unsupervised usage may cause more harm than good.
  • Paste the logs in your posts, attachments make my work harder and more complicated.
  • Stay with me to the end, the absence of symtoms doesn't mean that your machine is fully operational.
  • Note that we may live in totally different time zones, what may cause some delays between answers.
I can't foresee everything, so if anything unexpected happens, please stop and inform me!

There are no silly questions. Never be afraid to ask if in doubt!

Let's start and enjoy the fight! :)

warning.gif Rules and policies

We won't support any piracy.

That being told, if any evidence of illegal OS, software, cracks/keygens or any other will be revealed, any further assistance will be suspended. If you are aware that there is this kind of stuff on your machine, remove it before proceeding!

The same applies to any use of P2P software: uTorrent, BitTorrent, Vuze, Kazaa, Ares... We don't provide any help for P2P, except for their removal. All P2P software has to be uninstalled or at least fully disabled before proceeding!

Failure to follow these guidelines will result with closing your topic and withdrawning any assistance.


51a46ae42d560-malwarebytes_anti_malware. Scan with Malwarebytes' Anti-Malware

Please download and install Malwarebytes Anti-Malware, or re-run it if you already have it installed.

  • First of all select update.
  • Once updated, click the Settings tab, in the left panel choose Detctions & protection and tick Scan for rootkits.
  • Click the Scan tab, choose Threat Scan is checked and click Scan Now.
  • If threats are detected, click the Apply Actions button. You will now be prompted to reboot. Click Yes.
  • Upon completion of the scan (or after the reboot), click the History tab.
  • Click Application Logs and double-click the Scan Log.
  • At the bottom click Export and choose Text file.
Save the file to your desktop and include its content in your next reply.

FRST.gif Scan with Farbar Recovery Scan Tool

Please download Farbar Recovery Scan Tool and save it to your Desktop.

There will be two versions to download: 32-bit and 64-bit. Please download the one that is designed for your system. If you don't know which one should it be, download both of them and try each other out. Only one will run - this is the right one. Please leave it and delete the other.

  • Right-click on FRST.gif icon and select RunAsAdmin.jpg Run as Administrator to start the tool.

    > XP users click run after receipt of Windows Security Warning - Open File.

    > 8 users will be prompted about Windows SmartScreen protection - click More information and Run.

  • When the tool opens click Yes to disclaimer.
  • Make sure that Addition option is checked.
  • Press Scan button and wait.
  • The tool will produce two logfiles on your desktop: FRST.txt and Addition.txt.
Please include their content in your next reply.
Link to post
Share on other sites

Thank you so much for your help--here are the logs.

 


Malwarebytes Anti-Malware

www.malwarebytes.org

 

Scan Date: 11/12/2014

Scan Time: 9:36:46 PM

Logfile: malwarebytes log.txt

Administrator: No

 

Version: 2.00.3.1025

Malware Database: v2014.11.13.02

Rootkit Database: v2014.11.12.01

License: Free

Malware Protection: Disabled

Malicious Website Protection: Disabled

Self-protection: Disabled

 

OS: Windows 8.1

CPU: x64

File System: NTFS

User: Lucy

 

Scan Type: Threat Scan

Result: Completed

Objects Scanned: 332917

Time Elapsed: 5 min, 27 sec

 

Memory: Enabled

Startup: Enabled

Filesystem: Enabled

Archives: Enabled

Rootkits: Enabled

Heuristics: Enabled

PUP: Enabled

PUM: Enabled

 

Processes: 0

(No malicious items detected)

 

Modules: 0

(No malicious items detected)

 

Registry Keys: 0

(No malicious items detected)

 

Registry Values: 0

(No malicious items detected)

 

Registry Data: 0

(No malicious items detected)

 

Folders: 2

PUP.Optional.PriceHorse.A, C:\Users\Lucy\AppData\Local\pricehorse, Quarantined, [9da9eb50364684b282a7ac81897ac739], 

PUP.Optional.PriceHorse.A, C:\Users\Lucy\AppData\Local\pricehorse\pricehorse, Quarantined, [9da9eb50364684b282a7ac81897ac739], 

 

Files: 3

PUP.Optional.Ibryte, C:\$Recycle.Bin\S-1-5-21-1311062009-36715212-3114003710-1009\$RJ4LWEB.exe, Quarantined, [c97d8ead1a6295a14d67c9657d83bb45], 

PUP.Optional.PayByAds.A, C:\Users\Lucy\AppData\Local\Temp\playsetup.exe, Quarantined, [5ceafe3dcbb121150d1d89f031d437c9], 

PUP.Optional.PayByAds.A, C:\Users\Lucy\AppData\Local\Temp\res.dll, Quarantined, [1d2984b7d3a94aec979388f1ae573fc1], 

 

Physical Sectors: 0

(No malicious items detected)

 

 

(end)

Link to post
Share on other sites

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 10-11-2014

Ran by Lucy (ATTENTION: The logged in user is not administrator) on UPSTAIRS-OFFICE on 12-11-2014 21:50:19

Running from C:\Users\Lucy\Downloads

Loaded Profile: Lucy (Available profiles: Jeff & Amos & Lucy & Tracy)

Platform: Windows 8.1 (X64) OS Language: English (United States)

Internet Explorer Version 11

Boot Mode: Normal


 

==================== Processes (Whitelisted) =================

 

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

 

(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe

(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe

(Qualcomm Atheros Commnucations) C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\BtvStack.exe

(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe

(GlavSoft LLC.) C:\Program Files\TightVNC\tvnserver.exe

(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe

(Hewlett-Packard Co.) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe

() C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\ActivateDesktop.exe

() C:\Program Files (x86)\Subsonic\subsonic-agent.exe

(Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe

(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe

(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe

(SEIKO EPSON CORPORATION) C:\Program Files (x86)\EPSON Software\FAX Utility\FUFAXRCV.exe

(SEIKO EPSON CORPORATION) C:\Program Files (x86)\EPSON Software\FAX Utility\FUFAXSTM.exe

(SEIKO EPSON CORPORATION) C:\Program Files (x86)\EPSON Software\Event Manager\EEventManager.exe

(Hewlett-Packard Co.) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqste08.exe

(Hewlett-Packard Co.) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqbam08.exe

(Hewlett-Packard) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgpc01.exe

(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

(CyberLink) C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe

(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

(Qualcomm Atheros) C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\BtTray.exe

(Intel Corporation) C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe

 

 

==================== Registry (Whitelisted) ==================

 

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

 

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [7188040 2013-05-10] (Realtek Semiconductor)

HKLM\...\Run: [RtHDVBg] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1307720 2013-04-24] (Realtek Semiconductor)

HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [1797064 2014-03-20] (NVIDIA Corporation)

HKLM\...\Run: [iAStorIcon] => C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe [286704 2013-04-30] (Intel Corporation)

HKLM\...\Run: [btPreLoad] => C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\BtPreLoad.exe [64640 2012-12-28] ()

HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [557768 2014-09-19] (Adobe Systems Incorporated)

HKLM\...\Run: [tvncontrol] => C:\Program Files\TightVNC\tvnserver.exe [2179056 2013-07-19] (GlavSoft LLC.)

HKLM-x32\...\Run: [RemoteControl10] => C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe [102928 2012-10-23] (CyberLink Corp.)

HKLM-x32\...\Run: [bCSSync] => C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe [89184 2012-11-05] (Microsoft Corporation)

HKLM-x32\...\Run: [Adobe Creative Cloud] => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [2694320 2014-10-01] (Adobe Systems Incorporated)

HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959176 2014-08-21] (Adobe Systems Incorporated)

HKLM-x32\...\Run: [Acrobat Assistant 8.0] => C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Acrotray.exe [3499920 2014-09-12] (Adobe Systems Inc.)

HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2014-01-17] (Apple Inc.)

HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe [96056 2013-05-30] (Hewlett-Packard)

HKLM-x32\...\Run: [] => [X]

HKLM-x32\...\Run: [sunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [271744 2014-09-26] (Oracle Corporation)

HKLM-x32\...\Run: [iTunesHelper] => C:\Program Files (x86)\iTunes\iTunesHelper.exe [157480 2014-10-15] (Apple Inc.)

HKLM-x32\...\Run: [FUFAXRCV] => C:\Program Files (x86)\Epson Software\FAX Utility\FUFAXRCV.exe [642664 2014-05-26] (SEIKO EPSON CORPORATION)

HKLM-x32\...\Run: [FUFAXSTM] => C:\Program Files (x86)\Epson Software\FAX Utility\FUFAXSTM.exe [863848 2014-05-26] (SEIKO EPSON CORPORATION)

HKLM-x32\...\Run: [EEventManager] => C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe [1065024 2014-05-02] (SEIKO EPSON CORPORATION)

HKLM\...\Policies\Explorer\Run: [btvStack] => C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\BtvStack.exe [129664 2012-12-28] ( (Qualcomm Atheros Commnucations))

HKU\S-1-5-21-1311062009-36715212-3114003710-1009\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [6501656 2014-10-30] (Piriform Ltd)

Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk

ShortcutTarget: HP Digital Imaging Monitor.lnk -> C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe (Hewlett-Packard Co.)

Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Subsonic.lnk

ShortcutTarget: Subsonic.lnk -> C:\Program Files (x86)\Subsonic\subsonic-agent.exe ()

ShellIconOverlayIdentifiers: [ AccExtIco1] -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll ()

ShellIconOverlayIdentifiers: [ AccExtIco2] -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll ()

ShellIconOverlayIdentifiers: [ AccExtIco3] -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll ()

ShellIconOverlayIdentifiers: [DBARFileBackuped] -> {831cebdd-6baf-4432-be76-9e0989c14aef} => C:\WINDOWS\system32\mscoree.dll (Microsoft Corporation)

ShellIconOverlayIdentifiers: [DBARFileNotBackuped] -> {275e4fd7-21ef-45cf-a836-832e5d2cc1b3} => C:\WINDOWS\system32\mscoree.dll (Microsoft Corporation)

ShellIconOverlayIdentifiers: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} =>  No File

ShellIconOverlayIdentifiers: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} =>  No File

ShellIconOverlayIdentifiers: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} =>  No File

ShellIconOverlayIdentifiers: [DropboxExt4] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} =>  No File

ShellIconOverlayIdentifiers-x32: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} =>  No File

ShellIconOverlayIdentifiers-x32: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} =>  No File

ShellIconOverlayIdentifiers-x32: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} =>  No File

 

==================== Internet (Whitelisted) ====================

 

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

 

ProxyServer: http=127.0.0.1:50380;https=127.0.0.1:50380

HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://dell13.msn.com/?pc=DCJB

SearchScopes: HKLM - {113E9388-C4CC-4613-805D-B9816761A470} URL = http://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=DCJB

SearchScopes: HKLM-x32 - {113E9388-C4CC-4613-805D-B9816761A470} URL = http://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=DCJB

SearchScopes: HKCU - {113E9388-C4CC-4613-805D-B9816761A470} URL = 

BHO: CIESpeechBHO Class -> {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} -> C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\IEPlugIn.dll (Qualcomm Atheros Commnucations)

BHO: Adobe Acrobat Create PDF Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\x64\AcroIEFavClient.dll (Adobe Systems Incorporated)

BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)

BHO: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\x64\AcroIEFavClient.dll (Adobe Systems Incorporated)

BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)

BHO-x32: Java Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)

BHO-x32: Evernote extension -> {92EF2EAD-A7CE-4424-B0DB-499CF856608E} -> C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll (Evernote Corp., 305 Walnut Street, Redwood City, CA 94063)

BHO-x32: Adobe Acrobat Create PDF Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)

BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)

BHO-x32: Java Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)

BHO-x32: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)

Toolbar: HKLM - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\x64\AcroIEFavClient.dll (Adobe Systems Incorporated)

Toolbar: HKLM-x32 - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)

Tcpip\Parameters: [DhcpNameServer] 192.168.11.1

 

FireFox:

========

FF ProfilePath: C:\Users\Lucy\AppData\Roaming\Mozilla\Firefox\Profiles\4teoyqvq.default

FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_15_0_0_152.dll ()

FF Plugin: @mcafee.com/MSC,version=10 -> C:\Program Files\mcafee\msc\npMcSnFFPl64.dll No File

FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)

FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)

FF Plugin: adobe.com/AdobeAAMDetect_x86_64 -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll (Adobe Systems)

FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_152.dll ()

FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()

FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)

FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)

FF Plugin-x32: @java.com/DTPlugin,version=10.71.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)

FF Plugin-x32: @java.com/JavaPlugin,version=10.71.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)

FF Plugin-x32: @mcafee.com/MSC,version=10 -> C:\Program Files (x86)\McAfee\msc\npMcSnFFPl.dll No File

FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)

FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)

FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~2\Office14\NPSPWRAP.DLL (Microsoft Corporation)

FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3505.0912 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)

FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)

FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)

FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)

FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)

FF Plugin-x32: Adobe Acrobat -> C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Air\nppdf32.dll (Adobe Systems Inc.)

FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll (Adobe Systems)

FF HKLM-x32\...\Firefox\Extensions: [web2pdfextension@web2pdf.adobedotcom] - C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Browser\WCFirefoxExtn

FF Extension: Adobe Acrobat - Create PDF - C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Browser\WCFirefoxExtn [2014-03-29]

FF HKLM-x32\...\Thunderbird\Extensions: [msktbird@mcafee.com] - C:\Program Files\McAfee\MSK

 

Chrome: 

=======

Error reading preferences. Please check "preferences" file for possible corruption. <======= ATTENTION

CHR Profile: C:\Users\Lucy\AppData\Local\Google\Chrome\User Data\Default

CHR Extension: (Google Docs) - C:\Users\Lucy\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-04-23]

CHR Extension: (Google Drive) - C:\Users\Lucy\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-04-23]

CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\Lucy\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-06-01]

CHR Extension: (YouTube) - C:\Users\Lucy\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-04-23]

CHR Extension: (Google Search) - C:\Users\Lucy\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-04-23]

CHR Extension: (Google Wallet) - C:\Users\Lucy\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-04-23]

CHR Extension: (Gmail) - C:\Users\Lucy\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-04-23]

CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Browser\WCChromeExtn\WCChromeExtn.crx [2014-09-12]

 

==================== Services (Whitelisted) =================

 

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

 

R2 AtherosSvc; C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\adminservice.exe [226944 2012-12-28] (Qualcomm Atheros Commnucations)

R2 EpsonScanSvc; C:\WINDOWS\system32\EscSvc64.exe [144560 2012-05-17] (Seiko Epson Corporation)

R2 HPSLPSVC; C:\Program Files (x86)\HP\Digital Imaging\bin\HPSLPSVC64.DLL [1039360 2011-08-18] (Hewlett-Packard Co.) [File not signed]

R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe [15344 2013-04-30] (Intel Corporation)

R2 IconMan_R; C:\Program Files (x86)\Realtek\Realtek USB 2.0 Card Reader\RIconMan.exe [2451456 2012-07-13] (Realsil Microelectronics Inc.) [File not signed]

R2 Intel® Capability Licensing Service Interface; c:\Program Files\Intel\iCLS Client\HeciServer.exe [733696 2013-05-11] (Intel® Corporation) [File not signed]

S3 Intel® Capability Licensing Service TCP IP Interface; c:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [822232 2013-05-11] (Intel® Corporation)

R2 Intel® ME Service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\FWService\IntelMeFWService.exe [131544 2013-07-16] (Intel Corporation)

S3 iumsvc; c:\Program Files (x86)\Intel\Intel® Update Manager\bin\iumsvc.exe [174368 2014-02-28] ()

R2 jhi_service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe [169432 2013-07-16] (Intel Corporation)

R3 KeyIso; C:\Windows\SysWOW64\keyiso.dll [44032 2013-08-21] (Microsoft Corporation)

S3 lfsvc; C:\Windows\SysWOW64\GeofenceMonitorService.dll [357376 2014-03-13] (Microsoft Corporation)

R2 lmhosts; C:\Windows\system32\svchost.exe [37768 2013-08-22] (Microsoft Corporation)

R2 lmhosts; C:\Windows\SysWOW64\svchost.exe [31552 2013-08-21] (Microsoft Corporation)

R2 Net Driver HPZ12; C:\Windows\System32\HPZinw12.dll [71680 2010-08-06] (Hewlett-Packard) [File not signed]

S3 Netlogon; C:\Windows\SysWOW64\netlogon.dll [688640 2014-03-05] (Microsoft Corporation)

R2 NlaSvc; C:\Windows\System32\svchost.exe [37768 2013-08-22] (Microsoft Corporation)

R2 NlaSvc; C:\Windows\SysWOW64\svchost.exe [31552 2013-08-21] (Microsoft Corporation)

R2 nsi; C:\Windows\system32\svchost.exe [37768 2013-08-22] (Microsoft Corporation)

R2 nsi; C:\Windows\SysWOW64\svchost.exe [31552 2013-08-21] (Microsoft Corporation)

R2 Pml Driver HPZ12; C:\Windows\System32\HPZipm12.dll [89600 2010-08-06] (Hewlett-Packard) [File not signed]

R2 RichVideo; C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe [254512 2012-04-24] ()

R2 RtkAudioService; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [224840 2013-05-10] (Realtek Semiconductor)

R2 SftService; C:\Program Files (x86)\Dell Backup and Recovery\sftservice.exe [1924328 2014-09-18] (SoftThinks SAS)

S3 smphost; C:\Windows\SysWOW64\smphost.dll [11776 2013-08-21] (Microsoft Corporation)

R2 ss_conn_service; C:\Program Files\SAMSUNG\USB Drivers\25_escape\conn\ss_conn_service.exe [741640 2014-06-15] (DEVGURU Co., LTD.)

S3 StorSvc; C:\Windows\SysWOW64\storsvc.dll [18944 2013-08-21] (Microsoft Corporation)

R2 Subsonic; C:\Program Files (x86)\Subsonic\subsonic-service.exe [259584 2014-09-21] () [File not signed]

R2 tvnserver; C:\Program Files\TightVNC\tvnserver.exe [2179056 2013-07-19] (GlavSoft LLC.)

R3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [368632 2014-09-21] (Microsoft Corporation)

R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23792 2014-09-21] (Microsoft Corporation)

R2 ZAtheros Wlan Agent; C:\Program Files (x86)\Dell Wireless\Ath_WlanAgent.exe [81536 2012-12-26] (Atheros)

 

==================== Drivers (Whitelisted) ====================

 

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

 

R3 BTATH_LWFLT; C:\Windows\system32\DRIVERS\btath_lwflt.sys [77464 2012-12-28] (Qualcomm Atheros)

R3 BthLEEnum; C:\Windows\System32\drivers\BthLEEnum.sys [226304 2013-12-04] (Microsoft Corporation)

R1 CLVirtualDrive; C:\Windows\system32\DRIVERS\CLVirtualDrive.sys [92536 2012-06-25] (CyberLink)

S3 dot4; C:\Windows\system32\DRIVERS\Dot4.sys [151968 2012-09-24] (Windows ® Win 7 DDK provider)

S3 Dot4Print; C:\Windows\System32\drivers\Dot4Prt.sys [27040 2012-09-24] (Windows ® Win 7 DDK provider)

S3 HipShieldK; C:\Windows\System32\drivers\HipShieldK.sys [197264 2012-05-28] (McAfee, Inc.)

S3 mfencbdc; C:\Windows\system32\DRIVERS\mfencbdc.sys [328976 2012-11-02] (McAfee, Inc.)

S3 mfencrk; C:\Windows\system32\DRIVERS\mfencrk.sys [97208 2012-11-02] (McAfee, Inc.)

R0 PxHlpa64; C:\Windows\System32\Drivers\PxHlpa64.sys [56336 2012-06-22] (Corel Corporation)

R3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114496 2014-09-21] (Microsoft Corporation)

 

==================== NetSvcs (Whitelisted) ===================

 

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)

 

 

==================== One Month Created Files and Folders ========

 

(If an entry is included in the fixlist, the file\folder will be moved.)

 

2014-11-12 21:50 - 2014-11-12 21:50 - 00020856 _____ () C:\Users\Lucy\Downloads\FRST.txt

2014-11-12 21:49 - 2014-11-12 21:50 - 00000000 ____D () C:\FRST

2014-11-12 21:44 - 2014-11-12 21:44 - 00000000 ___RD () C:\Users\Lucy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BT Devices

2014-11-12 21:38 - 2014-11-12 21:38 - 02116096 _____ (Farbar) C:\Users\Lucy\Downloads\FRST64.exe

2014-11-12 21:29 - 2014-11-12 21:32 - 00129752 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys

2014-11-12 21:29 - 2014-11-12 21:29 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware

2014-11-12 21:29 - 2014-11-12 21:29 - 00000000 ____D () C:\ProgramData\Malwarebytes

2014-11-12 21:29 - 2014-11-12 21:29 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware

2014-11-12 21:29 - 2014-10-01 11:11 - 00093400 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbamchameleon.sys

2014-11-12 21:29 - 2014-10-01 11:11 - 00064216 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mwac.sys

2014-11-12 21:29 - 2014-10-01 11:11 - 00025816 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbam.sys

2014-11-11 21:30 - 2014-10-12 18:33 - 00116032 _____ (Microsoft Corporation) C:\WINDOWS\system32\consent.exe

2014-11-11 21:30 - 2014-10-10 16:58 - 03320320 _____ (Microsoft Corporation) C:\WINDOWS\system32\msi.dll

2014-11-11 21:30 - 2014-10-10 16:53 - 03607040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msi.dll

2014-11-11 21:30 - 2014-10-09 17:58 - 00177472 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecpkg.sys

2014-11-11 21:30 - 2014-10-09 17:58 - 00027456 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rdpvideominiport.sys

2014-11-11 21:30 - 2014-10-09 17:44 - 00563976 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys

2014-11-11 21:30 - 2014-10-07 23:37 - 00736768 _____ (Microsoft Corporation) C:\WINDOWS\system32\adtschema.dll

2014-11-11 21:30 - 2014-10-07 23:37 - 00154112 _____ (Microsoft Corporation) C:\WINDOWS\system32\msaudite.dll

2014-11-11 21:30 - 2014-10-07 23:34 - 00131584 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpudd.dll

2014-11-11 21:30 - 2014-10-07 23:30 - 00110080 _____ (Microsoft Corporation) C:\WINDOWS\system32\appinfo.dll

2014-11-11 21:30 - 2014-10-07 23:24 - 00040448 _____ (Microsoft Corporation) C:\WINDOWS\system32\rfxvmt.dll

2014-11-11 21:30 - 2014-10-07 23:09 - 00428032 _____ (Microsoft Corporation) C:\WINDOWS\system32\msihnd.dll

2014-11-11 21:30 - 2014-10-07 22:56 - 00445440 _____ (Microsoft Corporation) C:\WINDOWS\system32\certcli.dll

2014-11-11 21:30 - 2014-10-07 22:51 - 00736768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\adtschema.dll

2014-11-11 21:30 - 2014-10-07 22:51 - 00154112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msaudite.dll

2014-11-11 21:30 - 2014-10-07 22:27 - 00325120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msihnd.dll

2014-11-11 21:30 - 2014-10-07 22:18 - 00324096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\certcli.dll

2014-11-11 21:30 - 2014-10-07 22:17 - 01441792 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll

2014-11-11 21:30 - 2014-10-07 21:32 - 02773504 _____ (Microsoft Corporation) C:\WINDOWS\system32\authui.dll

2014-11-11 21:30 - 2014-10-07 21:23 - 03547648 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpcorets.dll

2014-11-11 21:30 - 2014-10-07 21:19 - 02459136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\authui.dll

2014-11-11 21:30 - 2014-09-26 23:13 - 00104336 _____ (Microsoft Corporation) C:\WINDOWS\system32\ncryptsslp.dll

2014-11-11 21:30 - 2014-09-26 21:24 - 00088800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ncryptsslp.dll

2014-11-11 21:30 - 2014-09-26 19:38 - 00426496 _____ (Microsoft Corporation) C:\WINDOWS\system32\schannel.dll

2014-11-11 21:30 - 2014-09-26 19:30 - 00185856 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpapisrv.dll

2014-11-11 21:30 - 2014-09-26 19:17 - 00357376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\schannel.dll

2014-11-11 21:30 - 2014-09-21 20:38 - 01519488 _____ (Microsoft Corporation) C:\WINDOWS\system32\user32.dll

2014-11-11 21:30 - 2014-09-21 19:06 - 00258368 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdFilter.sys

2014-11-11 21:30 - 2014-09-21 19:06 - 00114496 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdNisDrv.sys

2014-11-11 21:30 - 2014-09-21 18:49 - 00035320 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdBoot.sys

2014-11-11 21:30 - 2014-09-18 16:16 - 01346048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\user32.dll

2014-11-11 21:30 - 2014-09-02 14:08 - 00014336 _____ (Microsoft Corporation) C:\WINDOWS\system32\winshfhc.dll

2014-11-11 21:30 - 2014-09-02 14:08 - 00012800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winshfhc.dll

2014-11-11 21:29 - 2014-10-30 21:28 - 25110016 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll

2014-11-11 21:29 - 2014-10-30 21:12 - 00143872 _____ (Microsoft Corporation) C:\WINDOWS\system32\wextract.exe

2014-11-11 21:29 - 2014-10-30 21:12 - 00013824 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshta.exe

2014-11-11 21:29 - 2014-10-30 21:10 - 00167424 _____ (Microsoft Corporation) C:\WINDOWS\system32\iexpress.exe

2014-11-11 21:29 - 2014-10-30 21:09 - 00064512 _____ (Microsoft Corporation) C:\WINDOWS\system32\pngfilt.dll

2014-11-11 21:29 - 2014-10-30 21:08 - 00012800 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeedssync.exe

2014-11-11 21:29 - 2014-10-30 21:06 - 00580096 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll

2014-11-11 21:29 - 2014-10-30 21:06 - 00237568 _____ (Microsoft Corporation) C:\WINDOWS\system32\url.dll

2014-11-11 21:29 - 2014-10-30 21:06 - 00066560 _____ (Microsoft Corporation) C:\WINDOWS\system32\iesetup.dll

2014-11-11 21:29 - 2014-10-30 21:06 - 00048640 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieetwproxystub.dll

2014-11-11 21:29 - 2014-10-30 21:05 - 02884096 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll

2014-11-11 21:29 - 2014-10-30 21:05 - 00417280 _____ (Microsoft Corporation) C:\WINDOWS\system32\html.iec

2014-11-11 21:29 - 2014-10-30 21:04 - 00088064 _____ (Microsoft Corporation) C:\WINDOWS\system32\MshtmlDac.dll

2014-11-11 21:29 - 2014-10-30 20:57 - 00054784 _____ (Microsoft Corporation) C:\WINDOWS\system32\jsproxy.dll

2014-11-11 21:29 - 2014-10-30 20:56 - 00034304 _____ (Microsoft Corporation) C:\WINDOWS\system32\iernonce.dll

2014-11-11 21:29 - 2014-10-30 20:54 - 00132096 _____ (Microsoft Corporation) C:\WINDOWS\system32\IEAdvpack.dll

2014-11-11 21:29 - 2014-10-30 20:53 - 00633856 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieui.dll

2014-11-11 21:29 - 2014-10-30 20:52 - 00108544 _____ (Microsoft Corporation) C:\WINDOWS\system32\hlink.dll

2014-11-11 21:29 - 2014-10-30 20:51 - 00812544 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll

2014-11-11 21:29 - 2014-10-30 20:51 - 00144384 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieUnatt.exe

2014-11-11 21:29 - 2014-10-30 20:51 - 00114688 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieetwcollector.exe

2014-11-11 21:29 - 2014-10-30 20:50 - 06040064 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll

2014-11-11 21:29 - 2014-10-30 20:50 - 00814080 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9diag.dll

2014-11-11 21:29 - 2014-10-30 20:40 - 00033280 _____ (Microsoft Corporation) C:\WINDOWS\system32\licmgr10.dll

2014-11-11 21:29 - 2014-10-30 20:38 - 00490496 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtmsft.dll

2014-11-11 21:29 - 2014-10-30 20:30 - 00077824 _____ (Microsoft Corporation) C:\WINDOWS\system32\JavaScriptCollectionAgent.dll

2014-11-11 21:29 - 2014-10-30 20:29 - 00111616 _____ (Microsoft Corporation) C:\WINDOWS\system32\iesysprep.dll

2014-11-11 21:29 - 2014-10-30 20:29 - 00087552 _____ (Microsoft Corporation) C:\WINDOWS\system32\tdc.ocx

2014-11-11 21:29 - 2014-10-30 20:28 - 00107520 _____ (Microsoft Corporation) C:\WINDOWS\system32\inseng.dll

2014-11-11 21:29 - 2014-10-30 20:25 - 00199680 _____ (Microsoft Corporation) C:\WINDOWS\system32\msrating.dll

2014-11-11 21:29 - 2014-10-30 20:24 - 00092160 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll

2014-11-11 21:29 - 2014-10-30 20:24 - 00060416 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeedsbs.dll

2014-11-11 21:29 - 2014-10-30 20:23 - 00145408 _____ (Microsoft Corporation) C:\WINDOWS\system32\iepeers.dll

2014-11-11 21:29 - 2014-10-30 20:21 - 00316928 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtrans.dll

2014-11-11 21:29 - 2014-10-30 20:19 - 00152064 _____ (Microsoft Corporation) C:\WINDOWS\system32\occache.dll

2014-11-11 21:29 - 2014-10-30 20:15 - 01032704 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcomm.dll

2014-11-11 21:29 - 2014-10-30 20:08 - 00262144 _____ (Microsoft Corporation) C:\WINDOWS\system32\webcheck.dll

2014-11-11 21:29 - 2014-10-30 20:06 - 00372736 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll

2014-11-11 21:29 - 2014-10-30 20:05 - 00800768 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll

2014-11-11 21:29 - 2014-10-30 20:05 - 00716800 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe

2014-11-11 21:29 - 2014-10-30 20:03 - 02124288 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl

2014-11-11 21:29 - 2014-10-30 19:59 - 14390272 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll

2014-11-11 21:29 - 2014-10-30 19:45 - 02365440 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll

2014-11-11 21:29 - 2014-10-30 19:44 - 02865152 _____ (Microsoft Corporation) C:\WINDOWS\system32\actxprxy.dll

2014-11-11 21:29 - 2014-10-30 19:42 - 19781632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll

2014-11-11 21:29 - 2014-10-30 19:42 - 00051200 _____ (Microsoft Corporation) C:\WINDOWS\system32\imgutil.dll

2014-11-11 21:29 - 2014-10-30 19:32 - 01550336 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll

2014-11-11 21:29 - 2014-10-30 19:28 - 00137728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wextract.exe

2014-11-11 21:29 - 2014-10-30 19:28 - 00012800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshta.exe

2014-11-11 21:29 - 2014-10-30 19:27 - 00152064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iexpress.exe

2014-11-11 21:29 - 2014-10-30 19:26 - 00057344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\pngfilt.dll

2014-11-11 21:29 - 2014-10-30 19:25 - 00011264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeedssync.exe

2014-11-11 21:29 - 2014-10-30 19:24 - 00501248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll

2014-11-11 21:29 - 2014-10-30 19:24 - 00235520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\url.dll

2014-11-11 21:29 - 2014-10-30 19:24 - 00062464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iesetup.dll

2014-11-11 21:29 - 2014-10-30 19:23 - 00340992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\html.iec

2014-11-11 21:29 - 2014-10-30 19:23 - 00047616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieetwproxystub.dll

2014-11-11 21:29 - 2014-10-30 19:22 - 00064000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MshtmlDac.dll

2014-11-11 21:29 - 2014-10-30 19:20 - 00799232 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll

2014-11-11 21:29 - 2014-10-30 19:18 - 02277376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll

2014-11-11 21:29 - 2014-10-30 19:16 - 00047104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jsproxy.dll

2014-11-11 21:29 - 2014-10-30 19:15 - 00030720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iernonce.dll

2014-11-11 21:29 - 2014-10-30 19:14 - 00112128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\IEAdvpack.dll

2014-11-11 21:29 - 2014-10-30 19:13 - 00478208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieui.dll

2014-11-11 21:29 - 2014-10-30 19:13 - 00099328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\hlink.dll

2014-11-11 21:29 - 2014-10-30 19:12 - 00661504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll

2014-11-11 21:29 - 2014-10-30 19:12 - 00115712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieUnatt.exe

2014-11-11 21:29 - 2014-10-30 19:11 - 00620032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9diag.dll

2014-11-11 21:29 - 2014-10-30 19:03 - 00027136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\licmgr10.dll

2014-11-11 21:29 - 2014-10-30 19:02 - 00418304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtmsft.dll

2014-11-11 21:29 - 2014-10-30 18:57 - 00060416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\JavaScriptCollectionAgent.dll

2014-11-11 21:29 - 2014-10-30 18:56 - 00091136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inseng.dll

2014-11-11 21:29 - 2014-10-30 18:56 - 00090624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iesysprep.dll

2014-11-11 21:29 - 2014-10-30 18:56 - 00073216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tdc.ocx

2014-11-11 21:29 - 2014-10-30 18:53 - 00168960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msrating.dll

2014-11-11 21:29 - 2014-10-30 18:53 - 00052736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeedsbs.dll

2014-11-11 21:29 - 2014-10-30 18:52 - 00076288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtmled.dll

2014-11-11 21:29 - 2014-10-30 18:51 - 00128000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iepeers.dll

2014-11-11 21:29 - 2014-10-30 18:50 - 00285696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtrans.dll

2014-11-11 21:29 - 2014-10-30 18:48 - 00130048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\occache.dll

2014-11-11 21:29 - 2014-10-30 18:46 - 04298240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll

2014-11-11 21:29 - 2014-10-30 18:46 - 00880128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcomm.dll

2014-11-11 21:29 - 2014-10-30 18:42 - 00230400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webcheck.dll

2014-11-11 21:29 - 2014-10-30 18:40 - 00688640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll

2014-11-11 21:29 - 2014-10-30 18:40 - 00325632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll

2014-11-11 21:29 - 2014-10-30 18:39 - 02051072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl

2014-11-11 21:29 - 2014-10-30 18:30 - 12819456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll

2014-11-11 21:29 - 2014-10-30 18:26 - 01042944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\actxprxy.dll

2014-11-11 21:29 - 2014-10-30 18:24 - 00040448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\imgutil.dll

2014-11-11 21:29 - 2014-10-30 18:17 - 01892864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll

2014-11-11 21:29 - 2014-10-30 18:13 - 01310208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll

2014-11-11 21:29 - 2014-10-30 18:11 - 00708096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll

2014-11-11 21:29 - 2014-10-18 01:55 - 00055776 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe

2014-11-11 21:29 - 2014-10-18 00:09 - 00060416 _____ (Microsoft Corporation) C:\WINDOWS\system32\wups.dll

2014-11-11 21:29 - 2014-10-18 00:09 - 00051712 _____ (Microsoft Corporation) C:\WINDOWS\system32\wups2.dll

2014-11-11 21:29 - 2014-10-17 23:25 - 00025600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wups.dll

2014-11-11 21:29 - 2014-10-17 22:50 - 00017408 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaext.dll

2014-11-11 21:29 - 2014-10-17 22:38 - 03557376 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll

2014-11-11 21:29 - 2014-10-17 22:27 - 00035840 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapp.exe

2014-11-11 21:29 - 2014-10-17 22:26 - 00140288 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuwebv.dll

2014-11-11 21:29 - 2014-10-17 22:23 - 00407552 _____ (Microsoft Corporation) C:\WINDOWS\system32\WUSettingsProvider.dll

2014-11-11 21:29 - 2014-10-17 22:23 - 00095744 _____ (Microsoft Corporation) C:\WINDOWS\system32\wudriver.dll

2014-11-11 21:29 - 2014-10-17 22:21 - 00894976 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapi.dll

2014-11-11 21:29 - 2014-10-17 22:20 - 01714176 _____ (Microsoft Corporation) C:\WINDOWS\system32\wucltux.dll

2014-11-11 21:29 - 2014-10-17 22:14 - 00124928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuwebv.dll

2014-11-11 21:29 - 2014-10-17 22:14 - 00029696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapp.exe

2014-11-11 21:29 - 2014-10-17 22:12 - 00081920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wudriver.dll

2014-11-11 21:29 - 2014-10-17 22:11 - 00723968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapi.dll

2014-11-11 21:29 - 2014-10-16 23:01 - 00789184 _____ (Microsoft Corporation) C:\WINDOWS\system32\oleaut32.dll

2014-11-11 21:29 - 2014-10-16 22:58 - 00602768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\oleaut32.dll

2014-11-11 21:28 - 2014-10-22 21:48 - 00081408 _____ (Microsoft Corporation) C:\WINDOWS\system32\packager.dll

2014-11-11 21:28 - 2014-10-22 21:05 - 00072192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\packager.dll

2014-11-11 21:28 - 2014-10-06 22:28 - 00500016 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioSes.dll

2014-11-11 21:28 - 2014-10-06 22:27 - 00482872 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEng.dll

2014-11-11 21:28 - 2014-10-06 22:27 - 00394120 _____ (Microsoft Corporation) C:\WINDOWS\system32\AUDIOKSE.dll

2014-11-11 21:28 - 2014-10-06 22:27 - 00272248 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiodg.exe

2014-11-11 21:28 - 2014-10-06 22:27 - 00108432 _____ (Microsoft Corporation) C:\WINDOWS\system32\EncDump.dll

2014-11-11 21:28 - 2014-10-06 19:34 - 00370424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioSes.dll

2014-11-11 21:28 - 2014-10-06 19:34 - 00344536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AUDIOKSE.dll

2014-11-11 21:28 - 2014-10-06 19:33 - 00424544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioEng.dll

2014-11-11 21:28 - 2014-10-06 19:30 - 04182016 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys

2014-11-11 21:28 - 2014-10-06 17:54 - 00226304 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEndpointBuilder.dll

2014-11-11 21:28 - 2014-10-06 17:46 - 00911360 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll

2014-11-11 21:28 - 2014-09-09 22:25 - 00474432 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\netio.sys

2014-11-11 21:28 - 2014-09-07 19:07 - 02497344 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys

2014-11-11 21:28 - 2014-09-07 19:07 - 00428864 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\FWPKCLNT.SYS

2014-11-11 21:28 - 2014-09-07 14:08 - 00389176 _____ () C:\WINDOWS\system32\ApnDatabase.xml

2014-11-11 21:28 - 2014-09-04 14:30 - 00822272 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32spl.dll

2014-11-11 21:28 - 2014-09-04 14:21 - 01053184 _____ (Microsoft Corporation) C:\WINDOWS\system32\localspl.dll

2014-11-11 21:28 - 2014-09-03 19:05 - 00836176 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmp4srcsnk.dll

2014-11-11 21:28 - 2014-09-03 18:22 - 00670384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmp4srcsnk.dll

2014-11-11 21:28 - 2014-09-03 17:01 - 00448512 _____ (Microsoft Corporation) C:\WINDOWS\system32\puiobj.dll

2014-11-11 21:28 - 2014-09-03 16:32 - 00334336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\puiobj.dll

2014-11-11 21:28 - 2014-08-30 16:17 - 00148800 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBSTOR.SYS

2014-11-11 21:28 - 2014-08-30 16:15 - 21197152 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll

2014-11-11 21:28 - 2014-08-30 14:59 - 18723112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll

2014-11-11 21:28 - 2014-08-30 14:05 - 00615424 _____ (Microsoft Corporation) C:\WINDOWS\system32\FXSCOMEX.dll

2014-11-11 21:28 - 2014-08-30 13:58 - 00275968 _____ (Microsoft Corporation) C:\WINDOWS\system32\FXSAPI.dll

2014-11-11 21:28 - 2014-08-30 13:04 - 00941568 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFMediaEngine.dll

2014-11-11 21:28 - 2014-08-30 12:53 - 00239104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\FXSAPI.dll

2014-11-11 21:28 - 2014-08-30 12:17 - 00799744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFMediaEngine.dll

2014-11-11 21:28 - 2014-08-27 18:55 - 07484224 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe

2014-11-11 21:28 - 2014-08-27 16:21 - 02480128 _____ (Microsoft Corporation) C:\WINDOWS\system32\WsmSvc.dll

2014-11-11 21:28 - 2014-08-27 16:06 - 02030592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WsmSvc.dll

2014-11-11 21:28 - 2014-08-22 21:18 - 02149376 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml3.dll

2014-11-11 21:28 - 2014-08-22 21:14 - 13424128 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll

2014-11-11 21:28 - 2014-08-22 21:04 - 11820544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll

2014-11-11 21:28 - 2014-08-22 21:03 - 01346048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml3.dll

2014-11-11 21:28 - 2014-08-22 20:50 - 02714112 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers.dll

2014-11-11 21:28 - 2014-08-01 16:51 - 00545792 _____ (Microsoft Corporation) C:\WINDOWS\system32\untfs.dll

2014-11-11 21:28 - 2014-08-01 16:35 - 00485376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\untfs.dll

2014-11-09 11:04 - 2014-11-09 11:04 - 00000000 ____D () C:\Users\Amos\AppData\Roaming\Epson

2014-11-09 11:04 - 2014-11-09 11:04 - 00000000 _____ () C:\Users\Amos\Sti_Trace.log

2014-11-07 10:47 - 2014-11-07 10:47 - 00000000 ____D () C:\Users\Tracy\AppData\Roaming\Epson

2014-11-07 10:47 - 2014-11-07 10:47 - 00000000 _____ () C:\Users\Tracy\Sti_Trace.log

2014-11-06 20:51 - 2014-11-06 20:51 - 02623656 _____ (VS Revo Group Ltd.) C:\Users\Lucy\Downloads\revosetup (1).exe

2014-11-06 20:40 - 2014-11-06 20:40 - 00000302 _____ () C:\Users\Lucy\Documents\cc_20141106_204022.reg

2014-11-06 20:18 - 2014-11-06 20:18 - 00000135 _____ () C:\Users\Public\regkey.txt

2014-11-06 20:14 - 2014-11-06 20:14 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner

2014-11-06 20:14 - 2014-11-06 20:14 - 00000000 ____D () C:\Program Files\CCleaner

2014-11-06 20:07 - 2014-11-06 20:07 - 01706939 _____ (Thisisu) C:\Users\Lucy\Downloads\JRT.exe

2014-11-06 20:07 - 2014-11-06 20:07 - 00000000 ____D () C:\WINDOWS\ERUNT

2014-11-06 20:05 - 2014-11-06 20:05 - 02623656 _____ (VS Revo Group Ltd.) C:\Users\Lucy\Downloads\revosetup.exe

2014-11-06 20:05 - 2014-11-06 20:05 - 00000000 ____D () C:\Program Files (x86)\VS Revo Group

2014-11-06 20:01 - 2014-11-06 20:01 - 00000000 ___HD () C:\Users\Lucy\AppData\Roaming\Linkey

2014-11-06 19:55 - 2014-11-06 19:58 - 00000000 ____D () C:\AdwCleaner

2014-11-06 19:55 - 2010-08-30 08:34 - 00536576 _____ (SQLite Development Team) C:\WINDOWS\SysWOW64\sqlite3.dll

2014-11-06 19:39 - 2014-11-06 19:39 - 00000000 __SHD () C:\Users\Lucy\AppData\Local\EmieUserList

2014-11-06 19:39 - 2014-11-06 19:39 - 00000000 __SHD () C:\Users\Lucy\AppData\Local\EmieSiteList

2014-11-06 19:25 - 2014-11-06 19:25 - 00000000 ____D () C:\Users\Lucy\AppData\Roaming\Mozilla

2014-11-06 19:25 - 2014-11-06 19:25 - 00000000 ____D () C:\Users\Lucy\AppData\Local\Mozilla

2014-11-05 21:35 - 2014-11-06 20:23 - 00000365 _____ () C:\Users\Lucy\Sti_Trace.log

2014-11-05 21:35 - 2014-11-05 21:35 - 00000000 ____D () C:\Users\Lucy\AppData\Roaming\Epson

2014-11-03 21:13 - 2014-11-04 18:26 - 00002555 _____ () C:\Users\Jeff\Sti_Trace.log

2014-11-02 21:36 - 2014-11-12 21:36 - 00000951 _____ () C:\WINDOWS\Tasks\EPSON WF-3620 Series Update {F786A631-072D-4D7F-A38A-EFA0E61E7CF9}.job

2014-11-02 21:36 - 2014-11-12 21:36 - 00000765 _____ () C:\WINDOWS\Tasks\EPSON WF-3620 Series Invitation {F786A631-072D-4D7F-A38A-EFA0E61E7CF9}.job

2014-11-02 21:27 - 2014-11-02 21:27 - 00000045 _____ () C:\WINDOWS\WF-3620.ini

2014-11-02 21:21 - 2014-11-12 21:21 - 00000951 _____ () C:\WINDOWS\Tasks\EPSON WF-3620 Series Update {7F847599-713C-41FD-9943-03D5940A6824}.job

2014-11-02 21:21 - 2014-11-12 21:21 - 00000765 _____ () C:\WINDOWS\Tasks\EPSON WF-3620 Series Invitation {7F847599-713C-41FD-9943-03D5940A6824}.job

2014-11-02 21:20 - 2014-11-02 21:20 - 00000000 ____D () C:\Program Files\Common Files\EPSON

2014-11-02 21:18 - 2014-11-04 17:38 - 00000000 ____D () C:\Users\Jeff\AppData\Roaming\Epson

2014-11-02 21:18 - 2014-11-02 21:18 - 00000000 ____D () C:\Users\Jeff\AppData\Roaming\InstallShield

2014-11-02 21:18 - 2014-11-02 21:18 - 00000000 ____D () C:\Program Files\EPSON

2014-11-02 21:17 - 2014-11-04 21:59 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EPSON

2014-11-02 21:17 - 2014-11-04 21:59 - 00000000 ____D () C:\Program Files (x86)\EPSON Software

2014-11-02 21:17 - 2014-11-04 21:58 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EPSON Software

2014-11-02 21:17 - 2014-11-04 21:58 - 00000000 ____D () C:\Program Files (x86)\epson

2014-11-02 21:17 - 2014-11-02 21:17 - 00000948 _____ () C:\Users\Public\Desktop\EPSON Scan.lnk

2014-11-02 21:17 - 2014-11-02 21:17 - 00000000 ____D () C:\Program Files\EpsonNet

2014-11-02 21:17 - 2012-11-12 20:41 - 00535552 _____ (SEIKO EPSON CORPORATION) C:\WINDOWS\system32\ensppui.dll

2014-11-02 21:17 - 2012-11-12 20:41 - 00535552 _____ (SEIKO EPSON CORPORATION) C:\WINDOWS\system32\enppui.dll

2014-11-02 21:17 - 2012-11-12 15:15 - 00558592 _____ (SEIKO EPSON CORPORATION) C:\WINDOWS\system32\ensppmon.dll

2014-11-02 21:17 - 2012-11-12 15:15 - 00558592 _____ (SEIKO EPSON CORPORATION) C:\WINDOWS\system32\enppmon.dll

2014-11-02 21:17 - 2012-10-22 17:19 - 00219648 _____ (SEIKO EPSON CORPORATION) C:\WINDOWS\system32\enspres.dll

2014-11-02 21:17 - 2012-10-22 17:19 - 00219648 _____ (SEIKO EPSON CORPORATION) C:\WINDOWS\system32\enpres.dll

2014-11-02 21:17 - 2012-07-24 00:00 - 00466432 _____ (Seiko Epson Corporation) C:\WINDOWS\system32\esxw2ud.dll

2014-11-02 21:17 - 2012-05-17 00:00 - 00144560 _____ (Seiko Epson Corporation) C:\WINDOWS\system32\escsvc64.exe

2014-11-02 21:17 - 2010-11-22 13:27 - 00147472 _____ (TWAIN Working Group) C:\WINDOWS\SysWOW64\twaindsm.dll

2014-11-02 21:16 - 2014-11-02 21:38 - 00000000 ____D () C:\ProgramData\EPSON

2014-11-02 21:16 - 2013-10-22 04:04 - 00179712 _____ (SEIKO EPSON CORPORATION) C:\WINDOWS\system32\E_YLMBKEE.DLL

2014-11-02 21:16 - 2011-03-15 03:03 - 00083968 _____ (SEIKO EPSON CORPORATION) C:\WINDOWS\system32\E_YD4BKEE.DLL

2014-11-02 21:16 - 2007-04-10 01:06 - 00010752 _____ (SEIKO EPSON CORP.) C:\WINDOWS\system32\E_GCINST.DLL

2014-11-01 11:20 - 2014-09-03 16:10 - 00118272 _____ (Microsoft Corporation) C:\WINDOWS\system32\winbici.dll

2014-11-01 11:20 - 2014-09-03 15:57 - 00921600 _____ (Microsoft Corporation) C:\WINDOWS\system32\MrmCoreR.dll

2014-11-01 11:20 - 2014-09-03 15:49 - 00626688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MrmCoreR.dll

2014-11-01 11:19 - 2014-08-15 20:08 - 01507648 _____ (Microsoft Corporation) C:\WINDOWS\system32\propsys.dll

2014-11-01 11:19 - 2014-08-15 20:01 - 01710184 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll

2014-11-01 11:19 - 2014-08-15 19:58 - 01112512 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll

2014-11-01 11:19 - 2014-08-15 19:16 - 01205976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\propsys.dll

2014-11-01 11:19 - 2014-08-15 19:03 - 01467384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll

2014-11-01 11:19 - 2014-08-15 17:31 - 00838144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll

2014-11-01 11:19 - 2014-08-15 17:04 - 00359424 _____ (Microsoft Corporation) C:\WINDOWS\system32\Wldap32.dll

2014-11-01 11:19 - 2014-08-15 16:58 - 00287744 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemEventsBrokerServer.dll

2014-11-01 11:19 - 2014-08-15 16:53 - 00118272 _____ (Microsoft Corporation) C:\WINDOWS\system32\httpprxm.dll

2014-11-01 11:19 - 2014-08-15 16:46 - 00290816 _____ (Microsoft Corporation) C:\WINDOWS\system32\ProximityService.dll

2014-11-01 11:19 - 2014-08-15 16:45 - 00267776 _____ (Microsoft Corporation) C:\WINDOWS\system32\bisrv.dll

2014-11-01 11:19 - 2014-08-15 16:43 - 00321024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Wldap32.dll

2014-11-01 11:19 - 2014-08-15 16:43 - 00075776 _____ (Microsoft Corporation) C:\WINDOWS\system32\adhsvc.dll

2014-11-01 11:19 - 2014-08-15 16:31 - 00914432 _____ (Microsoft Corporation) C:\WINDOWS\system32\iphlpsvc.dll

2014-11-01 11:19 - 2014-08-15 16:31 - 00286208 _____ (Microsoft Corporation) C:\WINDOWS\system32\pcsvDevice.dll

2014-11-01 11:19 - 2014-08-15 16:29 - 00249344 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.TestingFramework.dll

2014-11-01 11:19 - 2014-08-15 16:23 - 01106432 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchFolder.dll

2014-11-01 11:19 - 2014-08-15 16:22 - 00717824 _____ (Microsoft Corporation) C:\WINDOWS\system32\SkyDriveTelemetry.dll

2014-11-01 11:19 - 2014-08-15 16:22 - 00286208 _____ (Microsoft Corporation) C:\WINDOWS\system32\SkyDriveShell.dll

2014-11-01 11:19 - 2014-08-15 16:19 - 00189952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll

2014-11-01 11:19 - 2014-08-15 16:18 - 04758528 _____ (Microsoft Corporation) C:\WINDOWS\system32\SyncEngine.dll

2014-11-01 11:19 - 2014-08-15 16:17 - 08757760 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Search.dll

2014-11-01 11:19 - 2014-08-15 16:14 - 00265216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SkyDriveShell.dll

2014-11-01 11:19 - 2014-08-15 16:13 - 06649344 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstscax.dll

2014-11-01 11:19 - 2014-08-15 16:13 - 05902848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Search.dll

2014-11-01 11:19 - 2014-08-15 16:13 - 00840192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchFolder.dll

2014-11-01 11:19 - 2014-08-15 16:11 - 00920064 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSShared.dll

2014-11-01 11:19 - 2014-08-15 16:10 - 01120768 _____ (Microsoft Corporation) C:\WINDOWS\system32\SkyDrive.exe

2014-11-01 11:19 - 2014-08-15 16:08 - 05777408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstscax.dll

2014-11-01 11:19 - 2014-08-15 16:07 - 00756224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WSShared.dll

2014-11-01 11:18 - 2014-09-03 16:12 - 00590336 _____ (Microsoft Corporation) C:\WINDOWS\system32\rastls.dll

2014-11-01 11:18 - 2014-09-03 16:01 - 00514048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rastls.dll

2014-10-27 20:25 - 2014-10-27 20:25 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Subsonic

2014-10-25 08:31 - 2014-10-25 08:31 - 00000000 ____D () C:\Users\Lucy\AppData\Local\Search Extensions

2014-10-19 18:57 - 2014-10-19 18:57 - 00001797 _____ () C:\Users\Public\Desktop\iTunes.lnk

2014-10-19 18:57 - 2014-10-19 18:57 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes

2014-10-19 18:56 - 2014-10-19 18:56 - 00000000 ____D () C:\ProgramData\E1864A66-75E3-486a-BD95-D1B7D99A84A7

2014-10-19 18:56 - 2014-10-19 18:56 - 00000000 ____D () C:\Program Files\iTunes

2014-10-19 18:56 - 2014-10-19 18:56 - 00000000 ____D () C:\Program Files\iPod

2014-10-19 18:56 - 2014-10-19 18:56 - 00000000 ____D () C:\Program Files (x86)\iTunes

2014-10-18 09:17 - 2014-10-18 09:17 - 00272808 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\javaws.exe

2014-10-18 09:17 - 2014-10-18 09:17 - 00175528 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\javaw.exe

2014-10-18 09:17 - 2014-10-18 09:17 - 00175528 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\java.exe

2014-10-18 09:17 - 2014-10-18 09:17 - 00098216 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\WindowsAccessBridge-32.dll

2014-10-18 09:17 - 2014-10-18 09:17 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java

2014-10-18 09:17 - 2014-10-18 09:17 - 00000000 ____D () C:\Program Files (x86)\Java

 

==================== One Month Modified Files and Folders =======

 

(If an entry is included in the fixlist, the file\folder will be moved.)

 

2014-11-12 21:48 - 2013-11-13 23:28 - 00865408 _____ () C:\WINDOWS\system32\PerfStringBackup.INI

2014-11-12 21:46 - 2013-12-02 20:58 - 00000000 ____D () C:\Program Files (x86)\Dell Backup and Recovery

2014-11-12 21:45 - 2014-03-29 16:41 - 01442013 _____ () C:\WINDOWS\WindowsUpdate.log

2014-11-12 21:44 - 2014-03-29 16:42 - 00000000 ____D () C:\ProgramData\NVIDIA

2014-11-12 21:44 - 2014-03-29 09:39 - 00000934 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job

2014-11-12 21:44 - 2013-08-22 06:45 - 00000006 ____H () C:\WINDOWS\Tasks\SA.DAT

2014-11-12 21:43 - 2013-11-13 23:20 - 00053860 _____ () C:\WINDOWS\PFRO.log

2014-11-12 21:36 - 2013-08-22 07:36 - 00000000 ____D () C:\WINDOWS\system32\FxsTmp

2014-11-12 21:21 - 2014-03-30 09:44 - 00000000 ___RD () C:\Users\Amos\Google Drive

2014-11-12 21:12 - 2014-03-29 09:39 - 00000938 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job

2014-11-12 21:00 - 2013-08-22 07:36 - 00000000 ____D () C:\WINDOWS\system32\sru

2014-11-12 20:59 - 2013-08-22 07:36 - 00000000 ____D () C:\WINDOWS\rescache

2014-11-11 22:19 - 2013-08-22 06:44 - 05085920 _____ () C:\WINDOWS\system32\FNTCACHE.DAT

2014-11-11 22:17 - 2013-08-22 07:36 - 00000000 ___RD () C:\WINDOWS\ToastData

2014-11-11 22:17 - 2013-08-22 07:36 - 00000000 ___RD () C:\WINDOWS\ImmersiveControlPanel

2014-11-11 22:17 - 2013-08-22 07:36 - 00000000 ___RD () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools

2014-11-11 22:17 - 2013-08-22 07:36 - 00000000 ___RD () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools

2014-11-11 22:17 - 2013-08-22 07:36 - 00000000 ____D () C:\Program Files\Windows Defender

2014-11-11 22:17 - 2013-08-22 07:36 - 00000000 ____D () C:\Program Files (x86)\Windows Defender

2014-11-11 22:16 - 2014-03-29 18:49 - 00000000 ___RD () C:\Users\Jeff\Dropbox

2014-11-11 21:42 - 2014-03-29 19:07 - 00000000 ____D () C:\ProgramData\Microsoft Help

2014-11-11 21:42 - 2012-07-25 23:59 - 00000000 ____D () C:\WINDOWS\CbsTemp

2014-11-11 21:40 - 2014-03-29 08:37 - 00000000 ____D () C:\WINDOWS\system32\MRT

2014-11-11 21:32 - 2014-03-29 08:37 - 103374192 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe

2014-11-11 21:23 - 2014-03-29 18:45 - 00000000 ____D () C:\Users\Jeff\AppData\Roaming\Dropbox

2014-11-11 20:29 - 2013-08-22 06:46 - 00325036 _____ () C:\WINDOWS\setupact.log

2014-11-11 16:37 - 2014-03-31 19:57 - 00000000 ____D () C:\Users\Jeff\AppData\Roaming\FileZilla

2014-11-09 11:04 - 2014-03-29 21:48 - 00000000 ____D () C:\Users\Amos

2014-11-08 12:16 - 2014-07-09 11:47 - 00000000 ____D () C:\WINDOWS\Minidump

2014-11-07 10:47 - 2014-03-29 21:44 - 00000000 ____D () C:\Users\Tracy

2014-11-07 04:06 - 2014-03-30 09:35 - 00002048 _____ () C:\Users\Public\Desktop\Google Docs.lnk

2014-11-07 04:06 - 2014-03-30 09:35 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Drive

2014-11-06 19:46 - 2014-03-29 21:50 - 00000000 ____D () C:\Users\Lucy\Documents\Bluetooth Folder

2014-11-05 21:35 - 2014-03-29 21:49 - 00000000 ____D () C:\Users\Lucy

2014-11-04 21:58 - 2013-12-02 20:46 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information

2014-11-04 20:58 - 2014-03-29 07:44 - 00000000 ____D () C:\Users\Jeff\AppData\Roaming\Adobe

2014-11-04 17:39 - 2014-03-29 16:46 - 00000000 ____D () C:\Users\Jeff

2014-11-02 16:37 - 2014-03-30 21:50 - 00000000 ____D () C:\subsonic

2014-11-01 12:59 - 2014-03-29 18:23 - 00000000 ___RD () C:\Users\Jeff\SkyDrive

2014-11-01 12:38 - 2013-08-22 07:36 - 00000000 ____D () C:\WINDOWS\WinStore

2014-11-01 12:38 - 2013-08-22 07:36 - 00000000 ____D () C:\WINDOWS\MediaViewer

2014-11-01 12:38 - 2013-08-22 07:36 - 00000000 ____D () C:\WINDOWS\FileManager

2014-11-01 12:38 - 2013-08-22 07:36 - 00000000 ____D () C:\WINDOWS\Camera

2014-11-01 12:36 - 2014-04-17 18:36 - 00000000 ____D () C:\Users\Jeff\Calibre

2014-10-30 03:25 - 2014-03-29 18:30 - 00275080 ____N (Microsoft Corporation) C:\WINDOWS\system32\MpSigStub.exe

2014-10-29 20:07 - 2014-03-29 09:39 - 00002205 _____ () C:\Users\Public\Desktop\Google Chrome.lnk

2014-10-29 16:55 - 2014-09-11 20:43 - 00714208 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe

2014-10-29 16:55 - 2014-09-11 20:43 - 00106976 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl

2014-10-27 20:25 - 2014-03-30 21:50 - 00000000 ____D () C:\Program Files (x86)\Subsonic

2014-10-27 19:21 - 2014-06-23 08:29 - 00000000 ____D () C:\Users\Jeff\AppData\Roaming\Mp3tag

2014-10-26 11:08 - 2014-07-11 10:51 - 00000136 _____ () C:\WINDOWS\ODBC.INI

2014-10-26 11:03 - 2013-08-22 07:36 - 00000000 ____D () C:\WINDOWS\system32\Recovery

2014-10-21 19:31 - 2014-04-01 16:46 - 00000000 ____D () C:\Users\Amos\AppData\Roaming\Apple Computer

2014-10-19 19:13 - 2014-03-29 23:15 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service

2014-10-19 18:56 - 2014-09-30 19:17 - 00000000 ____D () C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69

2014-10-19 18:56 - 2014-03-30 21:12 - 00000000 ____D () C:\Program Files\Common Files\Apple

2014-10-18 09:20 - 2014-07-11 09:45 - 00000000 ____D () C:\Users\Jeff\AppData\Roaming\Spotify

2014-10-18 09:18 - 2014-03-31 15:39 - 00000000 ____D () C:\ProgramData\Oracle

 

Some content of TEMP:

====================

C:\Users\Lucy\AppData\Local\Temp\i4jdel0.exe

C:\Users\Lucy\AppData\Local\Temp\System.Data.SQLite.dll

C:\Users\Lucy\AppData\Local\Temp\System.Data.SQLite28667.dll

C:\Users\Lucy\AppData\Local\Temp\System.Data.SQLite45019.dll

C:\Users\Lucy\AppData\Local\Temp\System.Data.SQLite49016.dll

C:\Users\Lucy\AppData\Local\Temp\System.Data.SQLite58053.dll

C:\Users\Lucy\AppData\Local\Temp\System.Data.SQLite60367.dll

C:\Users\Lucy\AppData\Local\Temp\System.Data.SQLite65808.dll

C:\Users\Lucy\AppData\Local\Temp\System.Data.SQLite68057.dll

C:\Users\Lucy\AppData\Local\Temp\System.Data.SQLite74580.dll

C:\Users\Lucy\AppData\Local\Temp\System.Data.SQLite78681.dll

C:\Users\Lucy\AppData\Local\Temp\System.Data.SQLite80226.dll

C:\Users\Lucy\AppData\Local\Temp\System.Data.SQLite85250.dll

C:\Users\Lucy\AppData\Local\Temp\System.Data.SQLite85456.dll

C:\Users\Lucy\AppData\Local\Temp\System.Data.SQLite87378.dll

C:\Users\Lucy\AppData\Local\Temp\System.Data.SQLite88696.dll

C:\Users\Lucy\AppData\Local\Temp\System.Data.SQLite96587.dll

 

 

==================== Bamital & volsnap Check =================

 

(There is no automatic fix for files that do not pass verification.)

 

C:\Windows\System32\winlogon.exe => File is digitally signed

C:\Windows\System32\wininit.exe => File is digitally signed

C:\Windows\explorer.exe => File is digitally signed

C:\Windows\SysWOW64\explorer.exe => File is digitally signed

C:\Windows\System32\svchost.exe => File is digitally signed

C:\Windows\SysWOW64\svchost.exe => File is digitally signed

C:\Windows\System32\services.exe => File is digitally signed

C:\Windows\System32\User32.dll => File is digitally signed

C:\Windows\SysWOW64\User32.dll => File is digitally signed

C:\Windows\System32\userinit.exe => File is digitally signed

C:\Windows\SysWOW64\userinit.exe => File is digitally signed

C:\Windows\System32\rpcss.dll => File is digitally signed

C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed

 

 

ATTENTION: ==> Could not access BCD, see Addition.txt for additional information.

 

==================== End Of Log ============================

Link to post
Share on other sites

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 10-11-2014

Ran by Lucy at 2014-11-12 21:51:07

Running from C:\Users\Lucy\Downloads

Boot Mode: Normal

==========================================================

 

 

==================== Security Center ========================

 

(If an entry is included in the fixlist, it will be removed.)

 

AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

 

==================== Installed Programs ======================

 

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

 

5600 (x32 Version: 140.0.425.000 - Hewlett-Packard) Hidden

5600_Help (x32 Version: 82.0.242.000 - Hewlett-Packard) Hidden

5600Trb (x32 Version: 82.0.242.000 - Hewlett-Packard) Hidden

64 Bit HP CIO Components Installer (Version: 7.2.8 - Hewlett-Packard) Hidden

7-Zip 9.20 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0920-000001000000}) (Version: 9.20.00.0 - Igor Pavlov)

ActiveState Komodo Edit 8.5.3 (HKLM-x32\...\{E65B87D8-30C4-4FB0-8C24-AFD64950A881}) (Version: 8.5.3 - ActiveState Software Inc.)

Adobe Acrobat XI Pro (HKLM-x32\...\{23D3F585-AE29-4670-8E3E-64A0EFB29240}) (Version: 11.0 - Adobe Systems Incorporated)

Adobe Acrobat XI Pro (HKLM-x32\...\{AC76BA86-1033-FFFF-7760-000000000006}) (Version: 11.0.09 - Adobe Systems)

Adobe Audition CC 2014 (HKLM-x32\...\{F3388E10-EFA9-4A80-B28E-2E647F8D00C4}) (Version: 7.1.0 - Adobe Systems Incorporated)

Adobe Creative Cloud (HKLM-x32\...\Adobe Creative Cloud) (Version: 2.8.0.447 - Adobe Systems Incorporated)

Adobe Digital Editions 3.0 (HKLM-x32\...\Adobe Digital Editions 3.0) (Version: 3.0.1 - Adobe Systems Incorporated)

Adobe Edge Code CC (HKLM-x32\...\{641F742F-1497-51B4-F481-1037096A90A0}) (Version: 0.97 - Adobe Systems Incorporated)

Adobe Flash Player 15 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 15.0.0.152 - Adobe Systems Incorporated)

Adobe Media Encoder CC 2014 (HKLM-x32\...\{663DEEEF-EF34-4DCB-8687-73A7AA146E02}) (Version: 8.1.0 - Adobe Systems Incorporated)

Adobe Photoshop CC 2014 (HKLM-x32\...\{D7A4F897-B20A-42D0-862D-CB5F6DB7391D}) (Version: 15.2 - Adobe Systems Incorporated)

Adobe Photoshop Lightroom 5.5 64-bit (HKLM\...\{19BBD0F3-7A31-480D-8A23-19AE28035E9C}) (Version: 5.5.0 - Adobe Systems Incorporated)

Adobe Premiere Pro CC 2014 (HKLM-x32\...\{07BE616F-9E42-4C90-AF4F-0F32A5B088E7}) (Version: 8.1.0 - Adobe Systems Incorporated)

AIO_CDB_ProductContext (x32 Version: 140.0.425.000 - Hewlett-Packard) Hidden

AIO_CDB_Software (x32 Version: 140.0.428.000 - Hewlett-Packard) Hidden

AIO_Scan (x32 Version: 130.0.421.000 - Hewlett-Packard) Hidden

Apple Application Support (HKLM-x32\...\{83CAF0DE-8D3B-4C37-A631-2B8F16EC3031}) (Version: 3.1 - Apple Inc.)

Apple Mobile Device Support (HKLM\...\{BDD99690-3541-4619-9D2A-3CDDB3E15F9E}) (Version: 8.0.5.6 - Apple Inc.)

Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)

bl (x32 Version: 1.0.0 - Your Company Name) Hidden

Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)

BrowserSafeguard with RocketTab (HKU\S-1-5-21-1311062009-36715212-3114003710-1009\...\RocketTab) (Version:  - BrowserSafeguard with RocketTab) <==== ATTENTION

BufferChm (x32 Version: 140.0.298.000 - Hewlett-Packard) Hidden

calibre (HKLM-x32\...\{ABCDCEDE-BB81-4169-8A5B-3776D7DBCDC5}) (Version: 1.42.0 - Kovid Goyal)

CCleaner (HKLM\...\CCleaner) (Version: 4.19 - Piriform)

Copy (x32 Version: 140.0.298.000 - Hewlett-Packard) Hidden

CyberLink Media Suite Essentials (HKLM-x32\...\InstallShield_{8F14AA37-5193-4A14-BD5B-BDF9B361AEF7}) (Version: 10.0 - CyberLink Corp.)

D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden

Dell Backup and Recovery (HKLM-x32\...\{0ED7EE95-6A97-47AA-AD73-152C08A15B04}) (Version: 1.7.5.63 - Dell Inc.)

Dell Digital Delivery (HKLM-x32\...\{03A9F528-A754-460F-B2C1-AC125A147114}) (Version: 2.8.5000.0 - Dell Products, LP)

Dell Product Registration (HKLM-x32\...\{2A0F2CC5-3065-492C-8380-B03AA7106B1A}) (Version: 1.16.1 - Dell Inc.)

Dell WLAN and Bluetooth Client Installation (HKLM-x32\...\{28006915-2739-4EBE-B5E8-49B25D32EB33}) (Version: 10.0 - Dell Inc.)

Destinations (x32 Version: 140.0.253.000 - Hewlett-Packard) Hidden

DeviceDiscovery (x32 Version: 140.0.298.000 - Hewlett-Packard) Hidden

DocProc (x32 Version: 140.0.185.000 - Hewlett-Packard) Hidden

DSC/AA Factory Installer (Version: 3.3.6261.27 - PC-Doctor, Inc.) Hidden

DVDFab 9.1.5.9 (25/07/2014) (HKLM-x32\...\DVDFab 9 US_is1) (Version:  - Fengtao Software Inc.)

Epson Connect Printer Setup (HKLM-x32\...\{D9B1D51B-EB56-410D-AEB5-1CCFAC4B6C8C}) (Version: 1.3.0 - SEIKO EPSON CORPORATION)

Epson Customer Participation (HKLM\...\{814FA673-A085-403C-9545-747FC1495069}) (Version: 1.6.3.0 - SEIKO EPSON CORPORATION)

Epson Event Manager (HKLM-x32\...\{0F13C24A-FFE2-4CD0-8E0B-DC804E0A0E0B}) (Version: 3.10.0035 - Seiko Epson Corporation)

Epson FAX Utility (HKLM-x32\...\{0CBE6C93-CB2E-4378-91EE-12BE6D4E2E4A}) (Version: 1.51.00 - SEIKO EPSON CORPORATION)

Epson PC-FAX Driver (HKLM-x32\...\EPSON PC-FAX Driver 2) (Version:  - )

EPSON Scan (HKLM-x32\...\EPSON Scanner) (Version:  - Seiko Epson Corporation)

EPSON Scan OCR Component (HKLM-x32\...\{563B99D8-8895-4E3E-AE8D-15BE8C05F1C1}) (Version: 2.30.00 - SEIKO EPSON Corp.)

EPSON WF-3620 Series Printer Uninstall (HKLM\...\EPSON WF-3620 Series) (Version:  - SEIKO EPSON Corporation)

Epson WF-3620 User’s Guide version 1.0 (HKLM-x32\...\UsersGuideEpson WF-3620 User’s Guide_is1) (Version: 1.0 - )

EpsonNet Print (HKLM-x32\...\{3E31400D-274E-4647-916C-2CACC3741799}) (Version: 2.6.0 - SEIKO EPSON CORPORATION)

Evernote v. 5.6.4 (HKLM-x32\...\{DFDF0BE2-2D71-11E4-9454-00163E98E7D6}) (Version: 5.6.4.4632 - Evernote Corp.)

Exact Audio Copy 1.0beta3 (HKLM-x32\...\Exact Audio Copy) (Version: 1.0beta3 - Andre Wiethoff)

Fax (x32 Version: 140.0.307.000 - Hewlett-Packard) Hidden

FileZilla Client 3.9.0.5 (HKLM-x32\...\FileZilla Client) (Version: 3.9.0.5 - Tim Kosse)

foobar2000 v1.3.2 (HKLM-x32\...\foobar2000) (Version: 1.3.2 - Peter Pawlowski)

Google Chrome (HKLM-x32\...\Google Chrome) (Version: 38.0.2125.111 - Google Inc.)

Google Drive (HKLM-x32\...\{C60F3836-333A-4AE2-B526-CFDBA143A9BA}) (Version: 1.18.7821.2489 - Google, Inc.)

Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden

GPBaseService2 (x32 Version: 140.0.297.000 - Hewlett-Packard) Hidden

HandBrake 0.9.9.1 (HKLM-x32\...\HandBrake) (Version: 0.9.9.1 - )

HP Imaging Device Functions 14.0 (HKLM\...\HP Imaging Device Functions) (Version: 14.0 - HP)

HP Photosmart Officejet and Deskjet All-In-One Driver Software (HKLM\...\{6F5B70F0-EA6C-4A5B-BB16-8390BD66B251}) (Version: 14.0 - HP)

HP Solution Center 14.0 (HKLM\...\HP Solution Center & Imaging Support Tools) (Version: 14.0 - HP)

HP Update (HKLM-x32\...\{912D30CF-F39E-4B31-AD9A-123C6B794EE2}) (Version: 5.005.002.002 - Hewlett-Packard)

HPDiagnosticAlert (x32 Version: 1.00.0001 - Microsoft) Hidden

HPPhotoGadget (x32 Version: 140.0.524.000 - Hewlett-Packard) Hidden

HPProductAssistant (x32 Version: 140.0.298.000 - Hewlett-Packard) Hidden

Innovative Millennium (HKLM-x32\...\Innovative Millennium) (Version: 1.0.0.0 - Innovative Interfaces)

Intel® Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.0.13.1402 - Intel Corporation)

Intel® Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 12.6.0.1033 - Intel Corporation)

Intel® Update Manager (HKLM-x32\...\{12914061-EB9B-4AE7-AC7E-0B8A607C7DF4}) (Version: 2.3.1338 - Intel Corporation)

iTunes (HKLM\...\{2ABBBD91-91E5-4AD7-929A-FE15D1DC0576}) (Version: 12.0.1.26 - Apple Inc.)

Java 7 Update 71 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F03217071FF}) (Version: 7.0.710 - Oracle)

KeePass Password Safe 1.27 (HKLM-x32\...\KeePass Password Safe_is1) (Version: 1.27 - Dominik Reichl)

Malwarebytes Anti-Malware version 2.0.3.1025 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.3.1025 - Malwarebytes Corporation)

Mavis Beacon Teaches Typing Platinum 20 (HKLM-x32\...\{58F9D852-9443-4955-A1ED-12C9E0504DD0}) (Version: 20.00.0000 - Broderbund)

MediaMonkey 4.1 (HKLM-x32\...\MediaMonkey_is1) (Version: 4.1 - Ventis Media Inc.)

Microsoft Office (HKLM-x32\...\{90150000-0138-0409-0000-0000000FF1CE}) (Version: 15.0.4454.1510 - Microsoft Corporation)

Microsoft Office Professional Plus 2010 (HKLM-x32\...\Office14.PROPLUSR) (Version: 14.0.7015.1000 - Microsoft Corporation)

Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)

Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)

Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)

Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)

Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)

Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)

Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)

Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)

Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)

Movie Maker (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden

Mozilla Firefox 32.0.2 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 32.0.2 (x86 en-US)) (Version: 32.0.2 - Mozilla)

Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 29.0 - Mozilla)

Mp3tag v2.64 (HKLM-x32\...\Mp3tag) (Version: v2.64 - Florian Heidenreich)

MSVCRT110_amd64 (Version: 16.4.1109.0912 - Microsoft) Hidden

My Dell (HKLM\...\PC-Doctor for Windows) (Version: 3.5.6426.22 - PC-Doctor, Inc.)

Network64 (Version: 140.0.306.000 - Hewlett-Packard) Hidden

NVIDIA 3D Vision Driver 335.23 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 335.23 - NVIDIA Corporation)

NVIDIA Graphics Driver 335.23 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 335.23 - NVIDIA Corporation)

NVIDIA HD Audio Driver 1.3.30.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.30.1 - NVIDIA Corporation)

NVIDIA PhysX System Software 9.13.0325 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.13.0325 - NVIDIA Corporation)

NVIDIA Update 10.4.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 10.4.0 - NVIDIA Corporation)

OCR Software by I.R.I.S. 14.0 (HKLM\...\HPOCR) (Version: 14.0 - HP)

ph (x32 Version: 1.0.0 - Your Company Name) Hidden

Photo Common (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden

Photo Gallery (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden

Qualcomm Atheros Bluetooth Suite (64) (HKLM\...\{A84A4FB1-D703-48DB-89E0-68B6499D2801}) (Version: 8.0.0.218 - Qualcomm Atheros Communications)

QuickTime 7 (HKLM-x32\...\{111EE7DF-FC45-40C7-98A7-753AC46B12FB}) (Version: 7.75.80.95 - Apple Inc.)

Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6909 - Realtek Semiconductor Corp.)

Realtek USB 2.0 Card Reader (HKLM-x32\...\{96AE7E41-E34E-47D0-AC07-1091A8127911}) (Version: 6.2.8400.30137 - Realtek Semiconductor Corp.)

Recuva (HKLM\...\Recuva) (Version: 1.51 - Piriform)

Revo Uninstaller 1.95 (HKLM-x32\...\Revo Uninstaller) (Version: 1.95 - VS Revo Group)

SAMSUNG USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.45.0 - SAMSUNG Electronics Co., Ltd.)

Scan (x32 Version: 140.0.253.000 - Hewlett-Packard) Hidden

Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version:  - Microsoft)

Shared C Run-time for x64 (HKLM\...\{EF79C448-6946-4D71-8134-03407888C054}) (Version: 10.0.0 - McAfee)

ShareX 9.3.1 (HKLM\...\82E6AC09-0FEF-4390-AD9F-0DD3F5561EFC_is1) (Version: 9.3.1 - ShareX Developers)

Software Updater (HKLM-x32\...\{FA7EE274-7370-43B7-9A45-A39B17CCCDC5}) (Version: 4.3.3 - SEIKO EPSON CORPORATION)

SolutionCenter (x32 Version: 140.0.299.000 - Hewlett-Packard) Hidden

Status (x32 Version: 140.0.342.000 - Hewlett-Packard) Hidden

Subsonic (HKLM-x32\...\Subsonic) (Version:  - )

SyncBackFree (HKLM-x32\...\SyncBackFree_is1) (Version: 6.5.38.0 - 2BrightSparks)

TightVNC (HKLM\...\{D2372F87-7DA2-47F7-A102-AF2181B8EAA2}) (Version: 2.7.10.0 - GlavSoft LLC.)

TomTom HOME (HKLM-x32\...\{7A2BB1C8-903D-4585-9F3B-CADD67D07D37}) (Version: 2.9.8 - TomTom)

TomTom HOME Visual Studio Merge Modules (HKLM-x32\...\{8F3C31C5-9C3A-4AA8-8EFA-71290A7AD533}) (Version: 1.0.2 - TomTom International B.V.)

Toolbox (x32 Version: 140.0.596.000 - Hewlett-Packard) Hidden

TrayApp (x32 Version: 140.0.297.000 - Hewlett-Packard) Hidden

VLC media player 2.1.3 (HKLM-x32\...\VLC media player) (Version: 2.1.3 - VideoLAN)

WebReg (x32 Version: 140.0.297.017 - Hewlett-Packard) Hidden

Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3505.0912 - Microsoft Corporation)

XAMPP (HKLM-x32\...\xampp) (Version: 1.8.2-6 - Bitnami)

Xvid Video Codec (HKLM-x32\...\Xvid Video Codec 1.3.3) (Version: 1.3.3 - Xvid Team)

 

==================== Custom CLSID (selected items): ==========================

 

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)

 

 

==================== Restore Points  =========================

 

Could not list Restore Points. Check "winmgmt" service or repair WMI.

 

 

==================== Hosts content: ==========================

 

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

 

2013-08-22 05:25 - 2013-08-22 05:25 - 00000824 ____A C:\WINDOWS\system32\Drivers\etc\hosts

 

==================== Scheduled Tasks (whitelisted) =============

 

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

 

Task: C:\WINDOWS\Tasks\EPSON WF-3620 Series Invitation {7F847599-713C-41FD-9943-03D5940A6824}.job => ?

Task: C:\WINDOWS\Tasks\EPSON WF-3620 Series Invitation {F786A631-072D-4D7F-A38A-EFA0E61E7CF9}.job => ?

Task: C:\WINDOWS\Tasks\EPSON WF-3620 Series Update {7F847599-713C-41FD-9943-03D5940A6824}.job => ?

Task: C:\WINDOWS\Tasks\EPSON WF-3620 Series Update {F786A631-072D-4D7F-A38A-EFA0E61E7CF9}.job => ?

Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => ?

Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => ?

 

==================== Loaded Modules (whitelisted) =============

 

2014-09-26 13:41 - 2014-09-26 13:41 - 01021088 _____ () C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll

2012-12-28 13:39 - 2012-12-28 13:39 - 00011264 _____ () C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\Modules\ActivateDesktopDebugger\ActivateDesktopDebugger.dll

2012-12-28 13:36 - 2012-12-28 13:36 - 00084480 _____ () C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\Modules\Map\MAP.dll

2014-05-01 11:29 - 2014-05-01 11:29 - 00098304 _____ () C:\Program Files (x86)\FileZilla FTP Client\fzshellext_64.dll

2012-12-28 13:41 - 2012-12-28 13:41 - 00012928 _____ () C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\ActivateDesktop.exe

2014-09-21 04:42 - 2014-09-21 04:42 - 00253952 _____ () C:\Program Files (x86)\Subsonic\subsonic-agent.exe

2014-07-14 20:51 - 2014-05-13 03:20 - 00069632 _____ () C:\Program Files\ShareX\screen-capture-recorder-x64.dll

2014-10-29 20:07 - 2014-10-21 19:32 - 01366856 _____ () C:\Program Files (x86)\Google\Chrome\Application\38.0.2125.111\libglesv2.dll

2014-10-29 20:07 - 2014-10-21 19:32 - 00204616 _____ () C:\Program Files (x86)\Google\Chrome\Application\38.0.2125.111\libegl.dll

2014-10-29 20:07 - 2014-10-21 19:32 - 10578248 _____ () C:\Program Files (x86)\Google\Chrome\Application\38.0.2125.111\pdf.dll

2014-10-29 20:07 - 2014-10-21 19:32 - 01859400 _____ () C:\Program Files (x86)\Google\Chrome\Application\38.0.2125.111\ffmpegsumo.dll

2012-12-28 13:42 - 2012-12-28 13:42 - 00384128 _____ () C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\ContactsApi.dll

 

==================== Alternate Data Streams (whitelisted) =========

 

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)

 

AlternateDataStreams: C:\Users\Lucy\Documents\Science project sources.docx:AFP_AfpInfo

 

==================== Safe Mode (whitelisted) ===================

 

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

 

 

==================== EXE Association (whitelisted) =============

 

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)

 

 

==================== MSCONFIG/TASK MANAGER disabled items =========

 

(Currently there is no automatic fix for this section.)

 

HKLM\...\StartupApproved\Run32: => "Acrobat Assistant 8.0"

HKLM\...\StartupApproved\Run32: => "Adobe Creative Cloud"

HKLM\...\StartupApproved\Run32: => "Adobe ARM"

HKLM\...\StartupApproved\Run32: => "BCSSync"

HKLM\...\StartupApproved\Run32: => "RemoteControl10"

HKLM\...\StartupApproved\Run32: => "QuickTime Task"

 

========================= Accounts: ==========================

 

Administrator (S-1-5-21-1311062009-36715212-3114003710-500 - Administrator - Disabled)

Amos (S-1-5-21-1311062009-36715212-3114003710-1008 - Limited - Enabled) => C:\Users\Amos

Guest (S-1-5-21-1311062009-36715212-3114003710-501 - Limited - Disabled)

HomeGroupUser$ (S-1-5-21-1311062009-36715212-3114003710-1007 - Limited - Enabled)

Jeff (S-1-5-21-1311062009-36715212-3114003710-1001 - Administrator - Enabled) => C:\Users\Jeff

Lucy (S-1-5-21-1311062009-36715212-3114003710-1009 - Limited - Enabled) => C:\Users\Lucy

Tracy (S-1-5-21-1311062009-36715212-3114003710-1010 - Limited - Enabled) => C:\Users\Tracy

 

==================== Faulty Device Manager Devices =============

 

 

==================== Event log errors: =========================

 

Application errors:

==================

Error: (11/10/2014 04:27:06 PM) (Source: Desktop Window Manager) (EventID: 9020) (User: )

Description: The Desktop Window Manager has encountered a fatal error (0x8898008d)

 

Error: (11/09/2014 10:30:02 PM) (Source: Bonjour Service) (EventID: 100) (User: )

Description: Task Scheduling Error: m->NextScheduledSPRetry 12641

 

Error: (11/09/2014 10:30:02 PM) (Source: Bonjour Service) (EventID: 100) (User: )

Description: Task Scheduling Error: m->NextScheduledEvent 12641

 

Error: (11/09/2014 10:30:02 PM) (Source: Bonjour Service) (EventID: 100) (User: )

Description: Task Scheduling Error: Continuously busy for more than a second

 

Error: (11/09/2014 07:56:12 PM) (Source: Bonjour Service) (EventID: 100) (User: )

Description: Task Scheduling Error: m->NextScheduledSPRetry 6029578

 

Error: (11/09/2014 07:56:12 PM) (Source: Bonjour Service) (EventID: 100) (User: )

Description: Task Scheduling Error: m->NextScheduledEvent 6029578

 

Error: (11/09/2014 07:56:12 PM) (Source: Bonjour Service) (EventID: 100) (User: )

Description: Task Scheduling Error: Continuously busy for more than a second

 

Error: (11/09/2014 06:15:52 PM) (Source: Bonjour Service) (EventID: 100) (User: )

Description: Task Scheduling Error: m->NextScheduledSPRetry 9203

 

Error: (11/09/2014 06:15:52 PM) (Source: Bonjour Service) (EventID: 100) (User: )

Description: Task Scheduling Error: m->NextScheduledEvent 9203

 

Error: (11/09/2014 06:15:52 PM) (Source: Bonjour Service) (EventID: 100) (User: )

Description: Task Scheduling Error: Continuously busy for more than a second

 

 

System errors:

=============

Error: (11/12/2014 08:18:12 PM) (Source: Schannel) (EventID: 4120) (User: NT AUTHORITY)

Description: A fatal alert was generated and sent to the remote endpoint. This may result in termination of the connection. The TLS protocol defined fatal error code is 20. The Windows SChannel error state is 960.

 

Error: (11/11/2014 05:38:28 PM) (Source: Schannel) (EventID: 4120) (User: NT AUTHORITY)

Description: A fatal alert was generated and sent to the remote endpoint. This may result in termination of the connection. The TLS protocol defined fatal error code is 20. The Windows SChannel error state is 960.

 

Error: (11/11/2014 03:16:09 PM) (Source: Schannel) (EventID: 4120) (User: NT AUTHORITY)

Description: A fatal alert was generated and sent to the remote endpoint. This may result in termination of the connection. The TLS protocol defined fatal error code is 20. The Windows SChannel error state is 960.

 

Error: (11/11/2014 03:15:50 PM) (Source: Schannel) (EventID: 4120) (User: NT AUTHORITY)

Description: A fatal alert was generated and sent to the remote endpoint. This may result in termination of the connection. The TLS protocol defined fatal error code is 20. The Windows SChannel error state is 960.

 

Error: (11/11/2014 03:05:07 PM) (Source: Schannel) (EventID: 4120) (User: NT AUTHORITY)

Description: A fatal alert was generated and sent to the remote endpoint. This may result in termination of the connection. The TLS protocol defined fatal error code is 20. The Windows SChannel error state is 960.

 

Error: (11/11/2014 10:35:22 AM) (Source: DCOM) (EventID: 10010) (User: upstairs-office)

Description: {1B1F472E-3221-4826-97DB-2C2324D389AE}

 

Error: (11/11/2014 10:34:40 AM) (Source: DCOM) (EventID: 10010) (User: upstairs-office)

Description: {BF6C1E47-86EC-4194-9CE5-13C15DCB2001}

 

Error: (11/11/2014 10:06:02 AM) (Source: DCOM) (EventID: 10010) (User: upstairs-office)

Description: {1B1F472E-3221-4826-97DB-2C2324D389AE}

 

Error: (11/11/2014 10:05:32 AM) (Source: DCOM) (EventID: 10010) (User: upstairs-office)

Description: {BF6C1E47-86EC-4194-9CE5-13C15DCB2001}

 

Error: (11/10/2014 04:41:46 PM) (Source: DCOM) (EventID: 10010) (User: upstairs-office)

Description: {1B1F472E-3221-4826-97DB-2C2324D389AE}

 

 

Microsoft Office Sessions:

=========================

Error: (11/10/2014 04:27:06 PM) (Source: Desktop Window Manager) (EventID: 9020) (User: )

Description: 0x8898008d

 

Error: (11/09/2014 10:30:02 PM) (Source: Bonjour Service) (EventID: 100) (User: )

Description: Task Scheduling Error: m->NextScheduledSPRetry 12641

 

Error: (11/09/2014 10:30:02 PM) (Source: Bonjour Service) (EventID: 100) (User: )

Description: Task Scheduling Error: m->NextScheduledEvent 12641

 

Error: (11/09/2014 10:30:02 PM) (Source: Bonjour Service) (EventID: 100) (User: )

Description: Task Scheduling Error: Continuously busy for more than a second

 

Error: (11/09/2014 07:56:12 PM) (Source: Bonjour Service) (EventID: 100) (User: )

Description: Task Scheduling Error: m->NextScheduledSPRetry 6029578

 

Error: (11/09/2014 07:56:12 PM) (Source: Bonjour Service) (EventID: 100) (User: )

Description: Task Scheduling Error: m->NextScheduledEvent 6029578

 

Error: (11/09/2014 07:56:12 PM) (Source: Bonjour Service) (EventID: 100) (User: )

Description: Task Scheduling Error: Continuously busy for more than a second

 

Error: (11/09/2014 06:15:52 PM) (Source: Bonjour Service) (EventID: 100) (User: )

Description: Task Scheduling Error: m->NextScheduledSPRetry 9203

 

Error: (11/09/2014 06:15:52 PM) (Source: Bonjour Service) (EventID: 100) (User: )

Description: Task Scheduling Error: m->NextScheduledEvent 9203

 

Error: (11/09/2014 06:15:52 PM) (Source: Bonjour Service) (EventID: 100) (User: )

Description: Task Scheduling Error: Continuously busy for more than a second

 

 

CodeIntegrity Errors:

===================================

  Date: 2014-11-12 20:37:11.468

  Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Program Files\Common Files\microsoft shared\OFFICE14\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.

 

  Date: 2014-11-10 16:49:08.329

  Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

 

  Date: 2014-11-10 16:49:08.022

  Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

 

  Date: 2014-11-08 19:46:31.044

  Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Program Files\Common Files\microsoft shared\OFFICE14\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.

 

  Date: 2014-11-01 18:34:03.303

  Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

 

  Date: 2014-11-01 18:34:03.178

  Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

 

  Date: 2014-11-01 18:34:02.584

  Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

 

  Date: 2014-11-01 18:34:02.444

  Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

 

  Date: 2014-11-01 18:33:32.175

  Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

 

  Date: 2014-11-01 18:33:32.050

  Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

 

 

==================== Memory info =========================== 

 

Processor: Intel® Core i5-4440 CPU @ 3.10GHz

Percentage of memory in use: 24%

Total physical RAM: 8143.23 MB

Available physical RAM: 6143.77 MB

Total Pagefile: 9423.23 MB

Available Pagefile: 7262.33 MB

Total Virtual: 131072 MB

Available Virtual: 131071.8 MB

 

==================== Drives ================================

 

Drive c: (OS) (Fixed) (Total:917.26 GB) (Free:754.98 GB) NTFS

Drive e: (Disk 2) (Fixed) (Total:1397.26 GB) (Free:1264.17 GB) NTFS

 

==================== MBR & Partition Table ==================

 

==================== End Of Log ============================

Link to post
Share on other sites

Hi,

are you aware that there is a proxy server set here?

JRTbythisisu.png Fix with Junkware Removal Tool

Please download JRT by Thisisu and save the file to your desktop.

Temporary disable your AntiVirus and AntiSpyware protection - instructions here.

  • Right-click on JRTbythisisu.png icon and select RunAsAdmin.jpg Run as Administrator to start the tool.
  • Follow the prompts and let this process run uninterrupted.
  • This scan can take a while, depending on your System specs.
  • Upon completion, a log (JRT.txt) will open on your desktop.
Please include the contents of that file in your reply.

Do not forget to re-enable your previously switched off protection software!

Please also manually reboot your machine after this procedure.

adwcleaner_new.png Fix with AdwCleaner

Please download AdwCleaner by Xplode and save the file to your desktop.

  • Right-click on adwcleaner_new.png icon and select RunAsAdmin.jpg Run as Administrator to start the tool.
  • The program will begin to update the database (if internet connection is operational). Please wait a little bit.
  • Follow the prompts and click Scan.
  • When finished, please click Clean.
  • Upon completion, click Report. A log (AdwCleaner[s*].txt) will open.
Please include the contents of that file in your reply.
Link to post
Share on other sites

Family Security is set on this account. Does that include a proxy server? If not, then it shouldn't be there. Here are the logs

 

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.3.7 (11.08.2014:1)
OS: Windows 8.1 x64
Ran by Jeff on Thu 11/13/2014 at 20:22:03.72
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 
 
 
 
~~~ Services
 
 
 
~~~ Registry Values
 
 
 
~~~ Registry Keys
 
 
 
~~~ Files
 
 
 
~~~ Folders
 
 
 
~~~ Event Viewer Logs were cleared
 
 
 
 
 
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on Thu 11/13/2014 at 20:23:40.47
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 
# AdwCleaner v4.101 - Report created 13/11/2014 at 20:32:29
# Updated 09/11/2014 by Xplode
# Database : 2014-11-13.1 [Live]
# Operating System : Windows 8.1  (64 bits)
# Username : Jeff - UPSTAIRS-OFFICE
# Running from : C:\Users\Lucy\Downloads\AdwCleaner.exe
# Option : Clean
 
***** [ Services ] *****
 
 
***** [ Files / Folders ] *****
 
Folder Deleted : C:\Users\Lucy\AppData\Local\Search Extensions
[#] Folder Deleted : C:\Users\Lucy\AppData\Roaming\Linkey
File Deleted : C:\Users\Jeff\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.ask.com_0.localstorage
File Deleted : C:\Users\Jeff\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.ask.com_0.localstorage-journal
 
***** [ Scheduled Tasks ] *****
 
 
***** [ Shortcuts ] *****
 
 
***** [ Registry ] *****
 
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0FF2AEFF45EEA0A48A4B33C1973B6094
 
***** [ Browsers ] *****
 
-\\ Internet Explorer v11.0.9600.17416
 
 
-\\ Mozilla Firefox v32.0.2 (x86 en-US)
 
 
-\\ Google Chrome v38.0.2125.111
 
[C:\Users\Amos\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Deleted [search Provider] : hxxp://search.aol.com/aol/search?q={searchTerms}
[C:\Users\Amos\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Deleted [search Provider] : hxxp://www.ask.com/web?q={searchTerms}
[C:\Users\Jeff\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Deleted [search Provider] : hxxp://www.ask.com/web?q={searchTerms}
[C:\Users\Jeff\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Deleted [search Provider] : hxxp://search.aol.com/aol/search?q={searchTerms}
[C:\Users\Tracy\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Deleted [search Provider] : hxxp://search.aol.com/aol/search?q={searchTerms}
[C:\Users\Tracy\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Deleted [search Provider] : hxxp://www.ask.com/web?q={searchTerms}
 
*************************
 
AdwCleaner[R0].txt - [2160 octets] - [06/11/2014 19:55:23]
AdwCleaner[R1].txt - [2259 octets] - [13/11/2014 20:30:07]
AdwCleaner[s0].txt - [2239 octets] - [06/11/2014 19:57:31]
AdwCleaner[s1].txt - [2204 octets] - [13/11/2014 20:32:29]
 
########## EOF - \AdwCleaner\AdwCleaner[s1].txt - [2264 octets] ##########
 
Link to post
Share on other sites

Here are the logfiles from the administrator account

 

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 14-11-2014
Ran by Jeff (administrator) on UPSTAIRS-OFFICE on 15-11-2014 15:12:17
Running from C:\Users\Lucy\Downloads
Loaded Profile: Jeff (Available profiles: Jeff & Amos & Lucy & Tracy)
Platform: Windows 8.1 (X64) OS Language: English (United States)
Internet Explorer Version 11
Boot Mode: Normal
 
==================== Processes (Whitelisted) =================
 
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
 
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
(Andrea Electronics Corporation) C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Qualcomm Atheros Commnucations) C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\AdminService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(SEIKO EPSON CORPORATION) C:\Program Files\EPSON\EpsonCustomerParticipation\EPCP.exe
(Microsoft Corporation) C:\Windows\System32\dasHost.exe
(Seiko Epson Corporation) C:\Windows\System32\escsvc64.exe
(Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe
(Intel® Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
() C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
(DEVGURU Co., LTD.) C:\Program Files\SAMSUNG\USB Drivers\25_escape\conn\ss_conn_service.exe
() C:\Program Files (x86)\Subsonic\subsonic-service.exe
() C:\Program Files (x86)\Subsonic\subsonic-service.exe
(TomTom) C:\Program Files (x86)\TomTom HOME 2\TomTomHOMEService.exe
(GlavSoft LLC.) C:\Program Files\TightVNC\tvnserver.exe
(Atheros) C:\Program Files (x86)\Dell Wireless\Ath_WlanAgent.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Intel Corporation) C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
(Realsil Microelectronics Inc.) C:\Program Files (x86)\Realtek\Realtek USB 2.0 Card Reader\RIconMan.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\FWService\IntelMeFWService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\Jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
(SoftThinks SAS) C:\Program Files (x86)\Dell Backup and Recovery\SftService.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(Qualcomm Atheros Commnucations) C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\BtvStack.exe
() C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\ActivateDesktop.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(GlavSoft LLC.) C:\Program Files\TightVNC\tvnserver.exe
(Spotify Ltd) C:\Users\Jeff\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe
(SEIKO EPSON CORPORATION) C:\Windows\System32\spool\drivers\x64\3\E_YATIKEE.EXE
(SEIKO EPSON CORPORATION) C:\Windows\System32\spool\drivers\x64\3\E_YATIKEE.EXE
(Hewlett-Packard Co.) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
() C:\Program Files (x86)\Subsonic\subsonic-agent.exe
(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe
(SEIKO EPSON CORPORATION) C:\Program Files (x86)\EPSON Software\FAX Utility\FUFAXRCV.exe
(SEIKO EPSON CORPORATION) C:\Program Files (x86)\EPSON Software\FAX Utility\FUFAXSTM.exe
(Dropbox, Inc.) C:\Users\Jeff\AppData\Roaming\Dropbox\bin\Dropbox.exe
(SEIKO EPSON CORPORATION) C:\Program Files (x86)\EPSON Software\Event Manager\EEventManager.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Evernote Corp., 305 Walnut Street, Redwood City, CA 94063) C:\Program Files (x86)\Evernote\Evernote\EvernoteClipper.exe
(Hewlett-Packard Co.) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqste08.exe
(Hewlett-Packard Co.) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqbam08.exe
(Hewlett-Packard) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgpc01.exe
(CyberLink) C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe
(Intel Corporation) C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe
(Qualcomm Atheros) C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\BtTray.exe
 
 
==================== Registry (Whitelisted) ==================
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
 
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [7188040 2013-05-10] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1307720 2013-04-24] (Realtek Semiconductor)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [1797064 2014-03-20] (NVIDIA Corporation)
HKLM\...\Run: [iAStorIcon] => C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe [286704 2013-04-30] (Intel Corporation)
HKLM\...\Run: [btPreLoad] => C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\BtPreLoad.exe [64640 2012-12-28] ()
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [557768 2014-09-19] (Adobe Systems Incorporated)
HKLM\...\Run: [tvncontrol] => C:\Program Files\TightVNC\tvnserver.exe [2179056 2013-07-19] (GlavSoft LLC.)
HKLM-x32\...\Run: [RemoteControl10] => C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe [102928 2012-10-23] (CyberLink Corp.)
HKLM-x32\...\Run: [bCSSync] => C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe [89184 2012-11-05] (Microsoft Corporation)
HKLM-x32\...\Run: [Adobe Creative Cloud] => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [2694320 2014-10-01] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959176 2014-08-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Acrobat Assistant 8.0] => C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Acrotray.exe [3499920 2014-09-12] (Adobe Systems Inc.)
HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2014-01-17] (Apple Inc.)
HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe [96056 2013-05-30] (Hewlett-Packard)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [iTunesHelper] => C:\Program Files (x86)\iTunes\iTunesHelper.exe [157480 2014-10-15] (Apple Inc.)
HKLM-x32\...\Run: [FUFAXRCV] => C:\Program Files (x86)\Epson Software\FAX Utility\FUFAXRCV.exe [642664 2014-05-26] (SEIKO EPSON CORPORATION)
HKLM-x32\...\Run: [FUFAXSTM] => C:\Program Files (x86)\Epson Software\FAX Utility\FUFAXSTM.exe [863848 2014-05-26] (SEIKO EPSON CORPORATION)
HKLM-x32\...\Run: [EEventManager] => C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe [1065024 2014-05-02] (SEIKO EPSON CORPORATION)
HKLM-x32\...\Run: [sunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [507776 2014-10-07] (Oracle Corporation)
HKLM\...\Policies\Explorer\Run: [btvStack] => C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\BtvStack.exe [129664 2012-12-28] ( (Qualcomm Atheros Commnucations))
HKU\S-1-5-21-1311062009-36715212-3114003710-1001\...\Run: [DellSystemDetect] => C:\Users\Jeff\AppData\Local\Apps\2.0\WOEOCOXL.X14\QWV3R6TE.8EW\dell..tion_0f612f649c4a10af_0005.0006_f9e15713f5aac8ac\DellSystemDetect.exe [258160 2014-03-29] (Dell)
HKU\S-1-5-21-1311062009-36715212-3114003710-1001\...\Run: [Amazon Cloud Player] => C:\Users\Jeff\AppData\Local\Amazon Cloud Player\Amazon Music Helper.exe [3168576 2014-03-07] ()
HKU\S-1-5-21-1311062009-36715212-3114003710-1001\...\Run: [TomTomHOME.exe] => C:\Program Files (x86)\TomTom HOME 2\TomTomHOMERunner.exe [248176 2014-06-05] (TomTom)
HKU\S-1-5-21-1311062009-36715212-3114003710-1001\...\Run: [spotify Web Helper] => C:\Users\Jeff\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe [1245752 2014-10-03] (Spotify Ltd)
HKU\S-1-5-21-1311062009-36715212-3114003710-1001\...\Run: [EPLTarget\P0000000000000000] => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_YATIKEE.EXE [298560 2013-09-12] (SEIKO EPSON CORPORATION)
HKU\S-1-5-21-1311062009-36715212-3114003710-1001\...\Run: [EPLTarget\P0000000000000001] => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_YATIKEE.EXE [298560 2013-09-12] (SEIKO EPSON CORPORATION)
HKU\S-1-5-21-1311062009-36715212-3114003710-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [6501656 2014-10-30] (Piriform Ltd)
HKU\S-1-5-21-1311062009-36715212-3114003710-1001\...\Policies\Explorer: [NoDriveTypeAutoRun] 0x00000000
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk
ShortcutTarget: HP Digital Imaging Monitor.lnk -> C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe (Hewlett-Packard Co.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Subsonic.lnk
ShortcutTarget: Subsonic.lnk -> C:\Program Files (x86)\Subsonic\subsonic-agent.exe ()
Startup: C:\Users\Jeff\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
ShortcutTarget: Dropbox.lnk -> C:\Users\Jeff\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
Startup: C:\Users\Jeff\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\EvernoteClipper.lnk
ShortcutTarget: EvernoteClipper.lnk -> C:\Program Files (x86)\Evernote\Evernote\EvernoteClipper.exe (Evernote Corp., 305 Walnut Street, Redwood City, CA 94063)
ShellIconOverlayIdentifiers: [ AccExtIco1] -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll ()
ShellIconOverlayIdentifiers: [ AccExtIco2] -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll ()
ShellIconOverlayIdentifiers: [ AccExtIco3] -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll ()
ShellIconOverlayIdentifiers: [DBARFileBackuped] -> {831cebdd-6baf-4432-be76-9e0989c14aef} => C:\WINDOWS\system32\mscoree.dll (Microsoft Corporation)
ShellIconOverlayIdentifiers: [DBARFileNotBackuped] -> {275e4fd7-21ef-45cf-a836-832e5d2cc1b3} => C:\WINDOWS\system32\mscoree.dll (Microsoft Corporation)
 
==================== Internet (Whitelisted) ====================
 
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
 
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://dell13.msn.com/?pc=DCJB
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://dell13.msn.com/?pc=DCJB
SearchScopes: HKLM - {113E9388-C4CC-4613-805D-B9816761A470} URL = http://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=DCJB
SearchScopes: HKLM-x32 - {113E9388-C4CC-4613-805D-B9816761A470} URL = http://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=DCJB
SearchScopes: HKCU - {113E9388-C4CC-4613-805D-B9816761A470} URL = 
BHO: Java Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_25\bin\ssv.dll (Oracle Corporation)
BHO: CIESpeechBHO Class -> {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} -> C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\IEPlugIn.dll (Qualcomm Atheros Commnucations)
BHO: Adobe Acrobat Create PDF Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\x64\AcroIEFavClient.dll (Adobe Systems Incorporated)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO: Java Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_25\bin\jp2ssv.dll (Oracle Corporation)
BHO: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\x64\AcroIEFavClient.dll (Adobe Systems Incorporated)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO-x32: Java Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Evernote extension -> {92EF2EAD-A7CE-4424-B0DB-499CF856608E} -> C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll (Evernote Corp., 305 Walnut Street, Redwood City, CA 94063)
BHO-x32: Adobe Acrobat Create PDF Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Java Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
Toolbar: HKLM - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\x64\AcroIEFavClient.dll (Adobe Systems Incorporated)
Toolbar: HKLM-x32 - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
Tcpip\Parameters: [DhcpNameServer] 192.168.11.1
 
FireFox:
========
FF ProfilePath: C:\Users\Jeff\AppData\Roaming\Mozilla\Firefox\Profiles\nd57xi6a.default
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_15_0_0_152.dll ()
FF Plugin: @java.com/DTPlugin,version=11.25.2 -> C:\Program Files\Java\jre1.8.0_25\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.25.2 -> C:\Program Files\Java\jre1.8.0_25\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @mcafee.com/MSC,version=10 -> C:\Program Files\mcafee\msc\npMcSnFFPl64.dll No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin: adobe.com/AdobeAAMDetect_x86_64 -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll (Adobe Systems)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_152.dll ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=10.71.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.71.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @mcafee.com/MSC,version=10 -> C:\Program Files (x86)\McAfee\msc\npMcSnFFPl.dll No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~2\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3505.0912 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: Adobe Acrobat -> C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Air\nppdf32.dll (Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll (Adobe Systems)
FF Extension: DownloadHelper - C:\Users\Jeff\AppData\Roaming\Mozilla\Firefox\Profiles\nd57xi6a.default\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d} [2014-09-28]
FF Extension: Default Full Zoom Level - C:\Users\Jeff\AppData\Roaming\Mozilla\Firefox\Profiles\nd57xi6a.default\Extensions\{D9A7CBEC-DE1A-444f-A092-844461596C4D} [2014-09-28]
FF Extension: NoScript - C:\Users\Jeff\AppData\Roaming\Mozilla\Firefox\Profiles\nd57xi6a.default\Extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi [2014-08-16]
FF Extension: Web Developer - C:\Users\Jeff\AppData\Roaming\Mozilla\Firefox\Profiles\nd57xi6a.default\Extensions\{c45c406e-ab73-11d8-be73-000a95be3b12}.xpi [2014-10-19]
FF Extension: Adblock Plus - C:\Users\Jeff\AppData\Roaming\Mozilla\Firefox\Profiles\nd57xi6a.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2014-04-14]
FF Extension: LibX - C:\Users\Jeff\AppData\Roaming\Mozilla\Firefox\Profiles\nd57xi6a.default\Extensions\{d75de36c-af0d-4dc2-b63a-0d482d4b9815}.xpi [2014-07-24]
FF HKLM-x32\...\Firefox\Extensions: [web2pdfextension@web2pdf.adobedotcom] - C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Browser\WCFirefoxExtn
FF Extension: Adobe Acrobat - Create PDF - C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Browser\WCFirefoxExtn [2014-03-29]
FF HKLM-x32\...\Thunderbird\Extensions: [msktbird@mcafee.com] - C:\Program Files\McAfee\MSK
 
Chrome: 
=======
CHR HomePage: Default -> hxxp://www.netvibes.com/privatepage/3#Start_Page
CHR StartupUrls: Default -> "hxxp://www.netvibes.com/privatepage/3#Start_Page"
CHR DefaultSuggestURL: Default -> {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client={google:suggestClient}&gs_ri={google:suggestRid}&xssi=t&q={searchTerms}&{google:inputType}{google:cursorPosition}{google:currentPageUrl}{google:pageClassification}{google:searchVersion}{google:sessionToken}{google:prefetchQuery}sugkey={google:suggestAPIKeyParameter}
CHR Profile: C:\Users\Jeff\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Entanglement Web App) - C:\Users\Jeff\AppData\Local\Google\Chrome\User Data\Default\Extensions\aciahcmjmecflokailenpkdchphgkefd [2014-03-29]
CHR Extension: (Awesome Screenshot App) - C:\Users\Jeff\AppData\Local\Google\Chrome\User Data\Default\Extensions\afkccfnochoebimhhniekgcegeeiepmi [2014-07-18]
CHR Extension: (Awesome Screenshot: Capture & Annotate) - C:\Users\Jeff\AppData\Local\Google\Chrome\User Data\Default\Extensions\alelhddbbhepgpmgidjdcjakblofbmce [2014-05-23]
CHR Extension: (Google Docs) - C:\Users\Jeff\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-03-29]
CHR Extension: (Google Drive) - C:\Users\Jeff\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-03-29]
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\Jeff\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-05-23]
CHR Extension: (ColorZilla) - C:\Users\Jeff\AppData\Local\Google\Chrome\User Data\Default\Extensions\bhlhnicpbhignbdhedgjhgdocnmhomnp [2014-03-29]
CHR Extension: (YouTube) - C:\Users\Jeff\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-03-29]
CHR Extension: (Adblock Plus) - C:\Users\Jeff\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2014-03-29]
CHR Extension: (Google Search) - C:\Users\Jeff\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-03-29]
CHR Extension: (Email this page (by Google)) - C:\Users\Jeff\AppData\Local\Google\Chrome\User Data\Default\Extensions\dbeoemfhkdniadbojeencpkgmobndpai [2014-03-29]
CHR Extension: (Swap My Cookies) - C:\Users\Jeff\AppData\Local\Google\Chrome\User Data\Default\Extensions\dffhipnliikkblkhpjapbecpmoilcama [2014-03-29]
CHR Extension: (User-Agent Switcher for Chrome) - C:\Users\Jeff\AppData\Local\Google\Chrome\User Data\Default\Extensions\djflhoibgkdhkhhcedjiklpkjnoahfmg [2014-03-29]
CHR Extension: (NYTimes) - C:\Users\Jeff\AppData\Local\Google\Chrome\User Data\Default\Extensions\ecmphppfkcfflgglcokcbdkofpfegoel [2014-03-29]
CHR Extension: (Gmail Offline) - C:\Users\Jeff\AppData\Local\Google\Chrome\User Data\Default\Extensions\ejidjjhkpiempkbhmpbfngldlkglhimk [2014-03-29]
CHR Extension: (Zotero Connector) - C:\Users\Jeff\AppData\Local\Google\Chrome\User Data\Default\Extensions\ekhagklcjbdpajgpjgmbionohlpdbjgc [2014-03-29]
CHR Extension: (Google Play Music) - C:\Users\Jeff\AppData\Local\Google\Chrome\User Data\Default\Extensions\fahmaaghhglfmonjliepjlchgpgfmobi [2014-10-06]
CHR Extension: (LibX for Google Chrome ) - C:\Users\Jeff\AppData\Local\Google\Chrome\User Data\Default\Extensions\ffkfoaiikoedjcjlpnnaidojhfchiafk [2014-03-29]
CHR Extension: (Pixlr Editor) - C:\Users\Jeff\AppData\Local\Google\Chrome\User Data\Default\Extensions\icmaknaampgiegkcjlimdiidlhopknpk [2014-03-29]
CHR Extension: (Google Play Music) - C:\Users\Jeff\AppData\Local\Google\Chrome\User Data\Default\Extensions\icppfcnhkcmnfdhfhphakoifcfokfdhg [2014-03-29]
CHR Extension: (SourceKit) - C:\Users\Jeff\AppData\Local\Google\Chrome\User Data\Default\Extensions\iieeldjdihkpoapgipfkeoddjckopgjg [2014-03-29]
CHR Extension: (StackEdit) - C:\Users\Jeff\AppData\Local\Google\Chrome\User Data\Default\Extensions\iiooodelglhkcpgbajoejffhijaclcdg [2014-03-29]
CHR Extension: (Dropbox) - C:\Users\Jeff\AppData\Local\Google\Chrome\User Data\Default\Extensions\ioekoebejdcmnlefjiknokhhafglcjdl [2014-03-29]
CHR Extension: (Cookies) - C:\Users\Jeff\AppData\Local\Google\Chrome\User Data\Default\Extensions\iphcomljdfghbkdcfndaijbokpgddeno [2014-03-29]
CHR Extension: (Viewport Resizer) - C:\Users\Jeff\AppData\Local\Google\Chrome\User Data\Default\Extensions\kapnjjcfcncngkadhpmijlkblpibdcgm [2014-04-05]
CHR Extension: (ChromeVox) - C:\Users\Jeff\AppData\Local\Google\Chrome\User Data\Default\Extensions\kgejglhpjiefppelpmljglcjbhoiplfn [2014-03-29]
CHR Extension: (ShiftEdit) - C:\Users\Jeff\AppData\Local\Google\Chrome\User Data\Default\Extensions\lcgmndephhjcabhhjfcmncnhbmgbkpij [2014-03-29]
CHR Extension: (Poppit!) - C:\Users\Jeff\AppData\Local\Google\Chrome\User Data\Default\Extensions\mcbkbpnkkkipelfledbfocopglifcfmi [2014-03-29]
CHR Extension: (Cloud9) - C:\Users\Jeff\AppData\Local\Google\Chrome\User Data\Default\Extensions\nbdmccoknlfggadpfkmcpnamfnbkmkcp [2014-03-29]
CHR Extension: (OneDrive) - C:\Users\Jeff\AppData\Local\Google\Chrome\User Data\Default\Extensions\nffchahhjecejoiigmnhhicpoabngedk [2014-03-29]
CHR Extension: (RSS Subscription Extension (by Google)) - C:\Users\Jeff\AppData\Local\Google\Chrome\User Data\Default\Extensions\nlbjncdgjeocebhnmkbbbdekmmmcbfjd [2014-03-29]
CHR Extension: (Google Wallet) - C:\Users\Jeff\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-03-29]
CHR Extension: (imo free video calls and text) - C:\Users\Jeff\AppData\Local\Google\Chrome\User Data\Default\Extensions\ocaebkdojpikfmhmnekiflipcicedobi [2014-03-29]
CHR Extension: (Check My Links) - C:\Users\Jeff\AppData\Local\Google\Chrome\User Data\Default\Extensions\ojkcdipcgfaekbeaelaapakgnjflfglf [2014-03-29]
CHR Extension: (Gmail) - C:\Users\Jeff\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-03-29]
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Browser\WCChromeExtn\WCChromeExtn.crx [2014-09-12]
 
==================== Services (Whitelisted) =================
 
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
 
R2 AtherosSvc; C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\adminservice.exe [226944 2012-12-28] (Qualcomm Atheros Commnucations)
R2 EpsonScanSvc; C:\WINDOWS\system32\EscSvc64.exe [144560 2012-05-17] (Seiko Epson Corporation)
R2 HPSLPSVC; C:\Program Files (x86)\HP\Digital Imaging\bin\HPSLPSVC64.DLL [1039360 2011-08-18] (Hewlett-Packard Co.) [File not signed]
R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe [15344 2013-04-30] (Intel Corporation)
R2 IconMan_R; C:\Program Files (x86)\Realtek\Realtek USB 2.0 Card Reader\RIconMan.exe [2451456 2012-07-13] (Realsil Microelectronics Inc.) [File not signed]
R2 Intel® Capability Licensing Service Interface; c:\Program Files\Intel\iCLS Client\HeciServer.exe [733696 2013-05-11] (Intel® Corporation) [File not signed]
S3 Intel® Capability Licensing Service TCP IP Interface; c:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [822232 2013-05-11] (Intel® Corporation)
R2 Intel® ME Service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\FWService\IntelMeFWService.exe [131544 2013-07-16] (Intel Corporation)
S3 iumsvc; c:\Program Files (x86)\Intel\Intel® Update Manager\bin\iumsvc.exe [174368 2014-02-28] ()
R2 jhi_service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe [169432 2013-07-16] (Intel Corporation)
R3 KeyIso; C:\Windows\SysWOW64\keyiso.dll [44032 2013-08-21] (Microsoft Corporation)
S3 lfsvc; C:\Windows\SysWOW64\GeofenceMonitorService.dll [357376 2014-03-13] (Microsoft Corporation)
S2 Net Driver HPZ12; C:\Windows\System32\HPZinw12.dll [71680 2010-08-06] (Hewlett-Packard) [File not signed]
S3 Netlogon; C:\Windows\SysWOW64\netlogon.dll [688640 2014-03-05] (Microsoft Corporation)
R2 Pml Driver HPZ12; C:\Windows\System32\HPZipm12.dll [89600 2010-08-06] (Hewlett-Packard) [File not signed]
R2 RichVideo; C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe [254512 2012-04-24] ()
R2 RtkAudioService; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [224840 2013-05-10] (Realtek Semiconductor)
R2 SftService; C:\Program Files (x86)\Dell Backup and Recovery\sftservice.exe [1924328 2014-09-18] (SoftThinks SAS)
S3 smphost; C:\Windows\SysWOW64\smphost.dll [11776 2013-08-21] (Microsoft Corporation)
R2 ss_conn_service; C:\Program Files\SAMSUNG\USB Drivers\25_escape\conn\ss_conn_service.exe [741640 2014-06-15] (DEVGURU Co., LTD.)
S3 StorSvc; C:\Windows\SysWOW64\storsvc.dll [18944 2013-08-21] (Microsoft Corporation)
R2 Subsonic; C:\Program Files (x86)\Subsonic\subsonic-service.exe [259584 2014-09-21] () [File not signed]
R2 tvnserver; C:\Program Files\TightVNC\tvnserver.exe [2179056 2013-07-19] (GlavSoft LLC.)
R3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [368632 2014-09-21] (Microsoft Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23792 2014-09-21] (Microsoft Corporation)
R2 ZAtheros Wlan Agent; C:\Program Files (x86)\Dell Wireless\Ath_WlanAgent.exe [81536 2012-12-26] (Atheros)
 
==================== Drivers (Whitelisted) ====================
 
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
 
R3 BTATH_LWFLT; C:\Windows\system32\DRIVERS\btath_lwflt.sys [77464 2012-12-28] (Qualcomm Atheros)
R3 BthLEEnum; C:\Windows\System32\drivers\BthLEEnum.sys [226304 2013-12-04] (Microsoft Corporation)
R1 CLVirtualDrive; C:\Windows\system32\DRIVERS\CLVirtualDrive.sys [92536 2012-06-25] (CyberLink)
S3 dot4; C:\Windows\system32\DRIVERS\Dot4.sys [151968 2012-09-24] (Windows ® Win 7 DDK provider)
S3 Dot4Print; C:\Windows\System32\drivers\Dot4Prt.sys [27040 2012-09-24] (Windows ® Win 7 DDK provider)
S3 HipShieldK; C:\Windows\System32\drivers\HipShieldK.sys [197264 2012-05-28] (McAfee, Inc.)
S3 mfencbdc; C:\Windows\system32\DRIVERS\mfencbdc.sys [328976 2012-11-02] (McAfee, Inc.)
S3 mfencrk; C:\Windows\system32\DRIVERS\mfencrk.sys [97208 2012-11-02] (McAfee, Inc.)
R0 PxHlpa64; C:\Windows\System32\Drivers\PxHlpa64.sys [56336 2012-06-22] (Corel Corporation)
R3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114496 2014-09-21] (Microsoft Corporation)
 
==================== NetSvcs (Whitelisted) ===================
 
(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
 
 
==================== One Month Created Files and Folders ========
 
(If an entry is included in the fixlist, the file\folder will be moved.)
 
2014-11-15 15:11 - 2014-11-15 15:11 - 00000000 ___RD () C:\Users\Jeff\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BT Devices
2014-11-15 15:11 - 2014-11-15 15:11 - 00000000 ____D () C:\Users\Lucy\Downloads\FRST-OlderVersion
2014-11-15 15:10 - 2014-11-15 15:10 - 00000927 _____ () C:\Users\Public\frst.txt
2014-11-15 15:07 - 2014-11-15 15:07 - 00000000 ___RD () C:\Users\Lucy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BT Devices
2014-11-15 11:10 - 2014-11-15 11:10 - 00111016 _____ (Oracle Corporation) C:\WINDOWS\system32\WindowsAccessBridge-64.dll
2014-11-15 11:10 - 2014-11-15 11:10 - 00000000 ____D () C:\Program Files\Java
2014-11-15 11:09 - 2014-11-15 11:09 - 92658088 _____ (Oracle Corporation) C:\Users\Jeff\Downloads\jre-8u25-windows-x64.exe
2014-11-15 11:07 - 2014-11-15 11:07 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-11-13 20:28 - 2014-11-13 20:28 - 02140160 _____ () C:\Users\Lucy\Downloads\AdwCleaner.exe
2014-11-13 20:23 - 2014-11-13 20:23 - 00000621 _____ () C:\Users\Lucy\Desktop\JRT.txt
2014-11-13 20:20 - 2014-11-13 20:20 - 01706808 _____ (Thisisu) C:\Users\Lucy\Downloads\JRT (1).exe
2014-11-13 20:00 - 2014-11-13 20:00 - 00000000 ___RD () C:\Users\Amos\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BT Devices
2014-11-12 21:51 - 2014-11-12 21:51 - 00029143 _____ () C:\Users\Lucy\Downloads\Addition.txt
2014-11-12 21:50 - 2014-11-15 15:12 - 00030305 _____ () C:\Users\Lucy\Downloads\FRST.txt
2014-11-12 21:49 - 2014-11-15 15:12 - 00000000 ____D () C:\FRST
2014-11-12 21:38 - 2014-11-15 15:11 - 02116608 _____ (Farbar) C:\Users\Lucy\Downloads\FRST64.exe
2014-11-12 21:29 - 2014-11-12 21:32 - 00129752 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2014-11-12 21:29 - 2014-11-12 21:29 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2014-11-12 21:29 - 2014-11-12 21:29 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-11-12 21:29 - 2014-11-12 21:29 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-11-12 21:29 - 2014-10-01 11:11 - 00093400 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbamchameleon.sys
2014-11-12 21:29 - 2014-10-01 11:11 - 00064216 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mwac.sys
2014-11-12 21:29 - 2014-10-01 11:11 - 00025816 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbam.sys
2014-11-12 21:28 - 2014-11-12 21:28 - 19828376 _____ (Malwarebytes Corporation ) C:\Users\Amos\Downloads\mbam-setup-2.0.3.1025.exe
2014-11-11 21:30 - 2014-10-12 18:33 - 00116032 _____ (Microsoft Corporation) C:\WINDOWS\system32\consent.exe
2014-11-11 21:30 - 2014-10-10 16:58 - 03320320 _____ (Microsoft Corporation) C:\WINDOWS\system32\msi.dll
2014-11-11 21:30 - 2014-10-10 16:53 - 03607040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msi.dll
2014-11-11 21:30 - 2014-10-09 17:58 - 00177472 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecpkg.sys
2014-11-11 21:30 - 2014-10-09 17:58 - 00027456 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rdpvideominiport.sys
2014-11-11 21:30 - 2014-10-09 17:44 - 00563976 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
2014-11-11 21:30 - 2014-10-07 23:37 - 00736768 _____ (Microsoft Corporation) C:\WINDOWS\system32\adtschema.dll
2014-11-11 21:30 - 2014-10-07 23:37 - 00154112 _____ (Microsoft Corporation) C:\WINDOWS\system32\msaudite.dll
2014-11-11 21:30 - 2014-10-07 23:34 - 00131584 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpudd.dll
2014-11-11 21:30 - 2014-10-07 23:30 - 00110080 _____ (Microsoft Corporation) C:\WINDOWS\system32\appinfo.dll
2014-11-11 21:30 - 2014-10-07 23:24 - 00040448 _____ (Microsoft Corporation) C:\WINDOWS\system32\rfxvmt.dll
2014-11-11 21:30 - 2014-10-07 23:09 - 00428032 _____ (Microsoft Corporation) C:\WINDOWS\system32\msihnd.dll
2014-11-11 21:30 - 2014-10-07 22:56 - 00445440 _____ (Microsoft Corporation) C:\WINDOWS\system32\certcli.dll
2014-11-11 21:30 - 2014-10-07 22:51 - 00736768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\adtschema.dll
2014-11-11 21:30 - 2014-10-07 22:51 - 00154112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msaudite.dll
2014-11-11 21:30 - 2014-10-07 22:27 - 00325120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msihnd.dll
2014-11-11 21:30 - 2014-10-07 22:18 - 00324096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\certcli.dll
2014-11-11 21:30 - 2014-10-07 22:17 - 01441792 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2014-11-11 21:30 - 2014-10-07 21:32 - 02773504 _____ (Microsoft Corporation) C:\WINDOWS\system32\authui.dll
2014-11-11 21:30 - 2014-10-07 21:23 - 03547648 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpcorets.dll
2014-11-11 21:30 - 2014-10-07 21:19 - 02459136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\authui.dll
2014-11-11 21:30 - 2014-09-26 23:13 - 00104336 _____ (Microsoft Corporation) C:\WINDOWS\system32\ncryptsslp.dll
2014-11-11 21:30 - 2014-09-26 21:24 - 00088800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ncryptsslp.dll
2014-11-11 21:30 - 2014-09-26 19:38 - 00426496 _____ (Microsoft Corporation) C:\WINDOWS\system32\schannel.dll
2014-11-11 21:30 - 2014-09-26 19:30 - 00185856 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpapisrv.dll
2014-11-11 21:30 - 2014-09-26 19:17 - 00357376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\schannel.dll
2014-11-11 21:30 - 2014-09-21 20:38 - 01519488 _____ (Microsoft Corporation) C:\WINDOWS\system32\user32.dll
2014-11-11 21:30 - 2014-09-21 19:06 - 00258368 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdFilter.sys
2014-11-11 21:30 - 2014-09-21 19:06 - 00114496 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdNisDrv.sys
2014-11-11 21:30 - 2014-09-21 18:49 - 00035320 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdBoot.sys
2014-11-11 21:30 - 2014-09-18 16:16 - 01346048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\user32.dll
2014-11-11 21:30 - 2014-09-02 14:08 - 00014336 _____ (Microsoft Corporation) C:\WINDOWS\system32\winshfhc.dll
2014-11-11 21:30 - 2014-09-02 14:08 - 00012800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winshfhc.dll
2014-11-11 21:29 - 2014-10-30 21:28 - 25110016 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2014-11-11 21:29 - 2014-10-30 21:12 - 00143872 _____ (Microsoft Corporation) C:\WINDOWS\system32\wextract.exe
2014-11-11 21:29 - 2014-10-30 21:12 - 00013824 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshta.exe
2014-11-11 21:29 - 2014-10-30 21:10 - 00167424 _____ (Microsoft Corporation) C:\WINDOWS\system32\iexpress.exe
2014-11-11 21:29 - 2014-10-30 21:09 - 00064512 _____ (Microsoft Corporation) C:\WINDOWS\system32\pngfilt.dll
2014-11-11 21:29 - 2014-10-30 21:08 - 00012800 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeedssync.exe
2014-11-11 21:29 - 2014-10-30 21:06 - 00580096 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2014-11-11 21:29 - 2014-10-30 21:06 - 00237568 _____ (Microsoft Corporation) C:\WINDOWS\system32\url.dll
2014-11-11 21:29 - 2014-10-30 21:06 - 00066560 _____ (Microsoft Corporation) C:\WINDOWS\system32\iesetup.dll
2014-11-11 21:29 - 2014-10-30 21:06 - 00048640 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieetwproxystub.dll
2014-11-11 21:29 - 2014-10-30 21:05 - 02884096 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2014-11-11 21:29 - 2014-10-30 21:05 - 00417280 _____ (Microsoft Corporation) C:\WINDOWS\system32\html.iec
2014-11-11 21:29 - 2014-10-30 21:04 - 00088064 _____ (Microsoft Corporation) C:\WINDOWS\system32\MshtmlDac.dll
2014-11-11 21:29 - 2014-10-30 20:57 - 00054784 _____ (Microsoft Corporation) C:\WINDOWS\system32\jsproxy.dll
2014-11-11 21:29 - 2014-10-30 20:56 - 00034304 _____ (Microsoft Corporation) C:\WINDOWS\system32\iernonce.dll
2014-11-11 21:29 - 2014-10-30 20:54 - 00132096 _____ (Microsoft Corporation) C:\WINDOWS\system32\IEAdvpack.dll
2014-11-11 21:29 - 2014-10-30 20:53 - 00633856 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieui.dll
2014-11-11 21:29 - 2014-10-30 20:52 - 00108544 _____ (Microsoft Corporation) C:\WINDOWS\system32\hlink.dll
2014-11-11 21:29 - 2014-10-30 20:51 - 00812544 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2014-11-11 21:29 - 2014-10-30 20:51 - 00144384 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieUnatt.exe
2014-11-11 21:29 - 2014-10-30 20:51 - 00114688 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieetwcollector.exe
2014-11-11 21:29 - 2014-10-30 20:50 - 06040064 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2014-11-11 21:29 - 2014-10-30 20:50 - 00814080 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9diag.dll
2014-11-11 21:29 - 2014-10-30 20:40 - 00033280 _____ (Microsoft Corporation) C:\WINDOWS\system32\licmgr10.dll
2014-11-11 21:29 - 2014-10-30 20:38 - 00490496 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtmsft.dll
2014-11-11 21:29 - 2014-10-30 20:30 - 00077824 _____ (Microsoft Corporation) C:\WINDOWS\system32\JavaScriptCollectionAgent.dll
2014-11-11 21:29 - 2014-10-30 20:29 - 00111616 _____ (Microsoft Corporation) C:\WINDOWS\system32\iesysprep.dll
2014-11-11 21:29 - 2014-10-30 20:29 - 00087552 _____ (Microsoft Corporation) C:\WINDOWS\system32\tdc.ocx
2014-11-11 21:29 - 2014-10-30 20:28 - 00107520 _____ (Microsoft Corporation) C:\WINDOWS\system32\inseng.dll
2014-11-11 21:29 - 2014-10-30 20:25 - 00199680 _____ (Microsoft Corporation) C:\WINDOWS\system32\msrating.dll
2014-11-11 21:29 - 2014-10-30 20:24 - 00092160 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll
2014-11-11 21:29 - 2014-10-30 20:24 - 00060416 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeedsbs.dll
2014-11-11 21:29 - 2014-10-30 20:23 - 00145408 _____ (Microsoft Corporation) C:\WINDOWS\system32\iepeers.dll
2014-11-11 21:29 - 2014-10-30 20:21 - 00316928 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtrans.dll
2014-11-11 21:29 - 2014-10-30 20:19 - 00152064 _____ (Microsoft Corporation) C:\WINDOWS\system32\occache.dll
2014-11-11 21:29 - 2014-10-30 20:15 - 01032704 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcomm.dll
2014-11-11 21:29 - 2014-10-30 20:08 - 00262144 _____ (Microsoft Corporation) C:\WINDOWS\system32\webcheck.dll
2014-11-11 21:29 - 2014-10-30 20:06 - 00372736 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll
2014-11-11 21:29 - 2014-10-30 20:05 - 00800768 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2014-11-11 21:29 - 2014-10-30 20:05 - 00716800 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2014-11-11 21:29 - 2014-10-30 20:03 - 02124288 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2014-11-11 21:29 - 2014-10-30 19:59 - 14390272 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2014-11-11 21:29 - 2014-10-30 19:45 - 02365440 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2014-11-11 21:29 - 2014-10-30 19:44 - 02865152 _____ (Microsoft Corporation) C:\WINDOWS\system32\actxprxy.dll
2014-11-11 21:29 - 2014-10-30 19:42 - 19781632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2014-11-11 21:29 - 2014-10-30 19:42 - 00051200 _____ (Microsoft Corporation) C:\WINDOWS\system32\imgutil.dll
2014-11-11 21:29 - 2014-10-30 19:32 - 01550336 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2014-11-11 21:29 - 2014-10-30 19:28 - 00137728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wextract.exe
2014-11-11 21:29 - 2014-10-30 19:28 - 00012800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshta.exe
2014-11-11 21:29 - 2014-10-30 19:27 - 00152064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iexpress.exe
2014-11-11 21:29 - 2014-10-30 19:26 - 00057344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\pngfilt.dll
2014-11-11 21:29 - 2014-10-30 19:25 - 00011264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeedssync.exe
2014-11-11 21:29 - 2014-10-30 19:24 - 00501248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2014-11-11 21:29 - 2014-10-30 19:24 - 00235520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\url.dll
2014-11-11 21:29 - 2014-10-30 19:24 - 00062464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iesetup.dll
2014-11-11 21:29 - 2014-10-30 19:23 - 00340992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\html.iec
2014-11-11 21:29 - 2014-10-30 19:23 - 00047616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieetwproxystub.dll
2014-11-11 21:29 - 2014-10-30 19:22 - 00064000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MshtmlDac.dll
2014-11-11 21:29 - 2014-10-30 19:20 - 00799232 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2014-11-11 21:29 - 2014-10-30 19:18 - 02277376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2014-11-11 21:29 - 2014-10-30 19:16 - 00047104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jsproxy.dll
2014-11-11 21:29 - 2014-10-30 19:15 - 00030720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iernonce.dll
2014-11-11 21:29 - 2014-10-30 19:14 - 00112128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\IEAdvpack.dll
2014-11-11 21:29 - 2014-10-30 19:13 - 00478208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieui.dll
2014-11-11 21:29 - 2014-10-30 19:13 - 00099328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\hlink.dll
2014-11-11 21:29 - 2014-10-30 19:12 - 00661504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2014-11-11 21:29 - 2014-10-30 19:12 - 00115712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieUnatt.exe
2014-11-11 21:29 - 2014-10-30 19:11 - 00620032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9diag.dll
2014-11-11 21:29 - 2014-10-30 19:03 - 00027136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\licmgr10.dll
2014-11-11 21:29 - 2014-10-30 19:02 - 00418304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtmsft.dll
2014-11-11 21:29 - 2014-10-30 18:57 - 00060416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\JavaScriptCollectionAgent.dll
2014-11-11 21:29 - 2014-10-30 18:56 - 00091136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inseng.dll
2014-11-11 21:29 - 2014-10-30 18:56 - 00090624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iesysprep.dll
2014-11-11 21:29 - 2014-10-30 18:56 - 00073216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tdc.ocx
2014-11-11 21:29 - 2014-10-30 18:53 - 00168960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msrating.dll
2014-11-11 21:29 - 2014-10-30 18:53 - 00052736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeedsbs.dll
2014-11-11 21:29 - 2014-10-30 18:52 - 00076288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtmled.dll
2014-11-11 21:29 - 2014-10-30 18:51 - 00128000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iepeers.dll
2014-11-11 21:29 - 2014-10-30 18:50 - 00285696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtrans.dll
2014-11-11 21:29 - 2014-10-30 18:48 - 00130048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\occache.dll
2014-11-11 21:29 - 2014-10-30 18:46 - 04298240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2014-11-11 21:29 - 2014-10-30 18:46 - 00880128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcomm.dll
2014-11-11 21:29 - 2014-10-30 18:42 - 00230400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webcheck.dll
2014-11-11 21:29 - 2014-10-30 18:40 - 00688640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2014-11-11 21:29 - 2014-10-30 18:40 - 00325632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll
2014-11-11 21:29 - 2014-10-30 18:39 - 02051072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2014-11-11 21:29 - 2014-10-30 18:30 - 12819456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2014-11-11 21:29 - 2014-10-30 18:26 - 01042944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\actxprxy.dll
2014-11-11 21:29 - 2014-10-30 18:24 - 00040448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\imgutil.dll
2014-11-11 21:29 - 2014-10-30 18:17 - 01892864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2014-11-11 21:29 - 2014-10-30 18:13 - 01310208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2014-11-11 21:29 - 2014-10-30 18:11 - 00708096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
2014-11-11 21:29 - 2014-10-18 01:55 - 00055776 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe
2014-11-11 21:29 - 2014-10-18 00:09 - 00060416 _____ (Microsoft Corporation) C:\WINDOWS\system32\wups.dll
2014-11-11 21:29 - 2014-10-18 00:09 - 00051712 _____ (Microsoft Corporation) C:\WINDOWS\system32\wups2.dll
2014-11-11 21:29 - 2014-10-17 23:25 - 00025600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wups.dll
2014-11-11 21:29 - 2014-10-17 22:50 - 00017408 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaext.dll
2014-11-11 21:29 - 2014-10-17 22:38 - 03557376 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2014-11-11 21:29 - 2014-10-17 22:27 - 00035840 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapp.exe
2014-11-11 21:29 - 2014-10-17 22:26 - 00140288 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuwebv.dll
2014-11-11 21:29 - 2014-10-17 22:23 - 00407552 _____ (Microsoft Corporation) C:\WINDOWS\system32\WUSettingsProvider.dll
2014-11-11 21:29 - 2014-10-17 22:23 - 00095744 _____ (Microsoft Corporation) C:\WINDOWS\system32\wudriver.dll
2014-11-11 21:29 - 2014-10-17 22:21 - 00894976 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapi.dll
2014-11-11 21:29 - 2014-10-17 22:20 - 01714176 _____ (Microsoft Corporation) C:\WINDOWS\system32\wucltux.dll
2014-11-11 21:29 - 2014-10-17 22:14 - 00124928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuwebv.dll
2014-11-11 21:29 - 2014-10-17 22:14 - 00029696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapp.exe
2014-11-11 21:29 - 2014-10-17 22:12 - 00081920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wudriver.dll
2014-11-11 21:29 - 2014-10-17 22:11 - 00723968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapi.dll
2014-11-11 21:29 - 2014-10-16 23:01 - 00789184 _____ (Microsoft Corporation) C:\WINDOWS\system32\oleaut32.dll
2014-11-11 21:29 - 2014-10-16 22:58 - 00602768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\oleaut32.dll
2014-11-11 21:28 - 2014-10-22 21:48 - 00081408 _____ (Microsoft Corporation) C:\WINDOWS\system32\packager.dll
2014-11-11 21:28 - 2014-10-22 21:05 - 00072192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\packager.dll
2014-11-11 21:28 - 2014-10-06 22:28 - 00500016 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioSes.dll
2014-11-11 21:28 - 2014-10-06 22:27 - 00482872 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEng.dll
2014-11-11 21:28 - 2014-10-06 22:27 - 00394120 _____ (Microsoft Corporation) C:\WINDOWS\system32\AUDIOKSE.dll
2014-11-11 21:28 - 2014-10-06 22:27 - 00272248 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiodg.exe
2014-11-11 21:28 - 2014-10-06 22:27 - 00108432 _____ (Microsoft Corporation) C:\WINDOWS\system32\EncDump.dll
2014-11-11 21:28 - 2014-10-06 19:34 - 00370424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioSes.dll
2014-11-11 21:28 - 2014-10-06 19:34 - 00344536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AUDIOKSE.dll
2014-11-11 21:28 - 2014-10-06 19:33 - 00424544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioEng.dll
2014-11-11 21:28 - 2014-10-06 19:30 - 04182016 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2014-11-11 21:28 - 2014-10-06 17:54 - 00226304 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEndpointBuilder.dll
2014-11-11 21:28 - 2014-10-06 17:46 - 00911360 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
2014-11-11 21:28 - 2014-09-09 22:25 - 00474432 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\netio.sys
2014-11-11 21:28 - 2014-09-07 19:07 - 02497344 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
2014-11-11 21:28 - 2014-09-07 19:07 - 00428864 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\FWPKCLNT.SYS
2014-11-11 21:28 - 2014-09-07 14:08 - 00389176 _____ () C:\WINDOWS\system32\ApnDatabase.xml
2014-11-11 21:28 - 2014-09-04 14:30 - 00822272 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32spl.dll
2014-11-11 21:28 - 2014-09-04 14:21 - 01053184 _____ (Microsoft Corporation) C:\WINDOWS\system32\localspl.dll
2014-11-11 21:28 - 2014-09-03 19:05 - 00836176 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmp4srcsnk.dll
2014-11-11 21:28 - 2014-09-03 18:22 - 00670384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmp4srcsnk.dll
2014-11-11 21:28 - 2014-09-03 17:01 - 00448512 _____ (Microsoft Corporation) C:\WINDOWS\system32\puiobj.dll
2014-11-11 21:28 - 2014-09-03 16:32 - 00334336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\puiobj.dll
2014-11-11 21:28 - 2014-08-30 16:17 - 00148800 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBSTOR.SYS
2014-11-11 21:28 - 2014-08-30 16:15 - 21197152 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2014-11-11 21:28 - 2014-08-30 14:59 - 18723112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2014-11-11 21:28 - 2014-08-30 14:05 - 00615424 _____ (Microsoft Corporation) C:\WINDOWS\system32\FXSCOMEX.dll
2014-11-11 21:28 - 2014-08-30 13:58 - 00275968 _____ (Microsoft Corporation) C:\WINDOWS\system32\FXSAPI.dll
2014-11-11 21:28 - 2014-08-30 13:04 - 00941568 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFMediaEngine.dll
2014-11-11 21:28 - 2014-08-30 12:53 - 00239104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\FXSAPI.dll
2014-11-11 21:28 - 2014-08-30 12:17 - 00799744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFMediaEngine.dll
2014-11-11 21:28 - 2014-08-27 18:55 - 07484224 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2014-11-11 21:28 - 2014-08-27 16:21 - 02480128 _____ (Microsoft Corporation) C:\WINDOWS\system32\WsmSvc.dll
2014-11-11 21:28 - 2014-08-27 16:06 - 02030592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WsmSvc.dll
2014-11-11 21:28 - 2014-08-22 21:18 - 02149376 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml3.dll
2014-11-11 21:28 - 2014-08-22 21:14 - 13424128 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2014-11-11 21:28 - 2014-08-22 21:04 - 11820544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2014-11-11 21:28 - 2014-08-22 21:03 - 01346048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml3.dll
2014-11-11 21:28 - 2014-08-22 20:50 - 02714112 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers.dll
2014-11-11 21:28 - 2014-08-01 16:51 - 00545792 _____ (Microsoft Corporation) C:\WINDOWS\system32\untfs.dll
2014-11-11 21:28 - 2014-08-01 16:35 - 00485376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\untfs.dll
2014-11-09 12:46 - 2014-11-09 12:46 - 00000000 ___RD () C:\Users\Tracy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BT Devices
2014-11-09 11:04 - 2014-11-09 11:04 - 00000000 ____D () C:\Users\Amos\AppData\Roaming\Epson
2014-11-09 11:04 - 2014-11-09 11:04 - 00000000 _____ () C:\Users\Amos\Sti_Trace.log
2014-11-08 19:34 - 2014-11-11 16:25 - 00000000 ____D () C:\Users\Jeff\Downloads\cale-vintage violence
2014-11-07 10:47 - 2014-11-07 10:47 - 00000000 ____D () C:\Users\Tracy\AppData\Roaming\Epson
2014-11-07 10:47 - 2014-11-07 10:47 - 00000000 _____ () C:\Users\Tracy\Sti_Trace.log
2014-11-06 20:51 - 2014-11-06 20:51 - 02623656 _____ (VS Revo Group Ltd.) C:\Users\Lucy\Downloads\revosetup (1).exe
2014-11-06 20:40 - 2014-11-06 20:40 - 00000302 _____ () C:\Users\Lucy\Documents\cc_20141106_204022.reg
2014-11-06 20:18 - 2014-11-06 20:18 - 00000135 _____ () C:\Users\Public\regkey.txt
2014-11-06 20:14 - 2014-11-06 20:14 - 00002770 _____ () C:\WINDOWS\System32\Tasks\CCleanerSkipUAC
2014-11-06 20:14 - 2014-11-06 20:14 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2014-11-06 20:14 - 2014-11-06 20:14 - 00000000 ____D () C:\Program Files\CCleaner
2014-11-06 20:13 - 2014-11-06 20:14 - 04976456 _____ (Piriform Ltd) C:\Users\Jeff\Downloads\ccsetup419.exe
2014-11-06 20:07 - 2014-11-06 20:07 - 01706939 _____ (Thisisu) C:\Users\Lucy\Downloads\JRT.exe
2014-11-06 20:07 - 2014-11-06 20:07 - 00000000 ____D () C:\WINDOWS\ERUNT
2014-11-06 20:05 - 2014-11-06 20:05 - 02623656 _____ (VS Revo Group Ltd.) C:\Users\Lucy\Downloads\revosetup.exe
2014-11-06 20:05 - 2014-11-06 20:05 - 00000000 ____D () C:\Program Files (x86)\VS Revo Group
2014-11-06 19:55 - 2014-11-13 20:32 - 00000000 ____D () C:\AdwCleaner
2014-11-06 19:55 - 2010-08-30 08:34 - 00536576 _____ (SQLite Development Team) C:\WINDOWS\SysWOW64\sqlite3.dll
2014-11-06 19:54 - 2014-11-06 19:55 - 01375089 _____ () C:\Users\Jeff\Downloads\AdwCleaner.exe
2014-11-06 19:39 - 2014-11-06 19:39 - 00000000 __SHD () C:\Users\Lucy\AppData\Local\EmieUserList
2014-11-06 19:39 - 2014-11-06 19:39 - 00000000 __SHD () C:\Users\Lucy\AppData\Local\EmieSiteList
2014-11-06 19:25 - 2014-11-06 19:25 - 00000000 ____D () C:\Users\Lucy\AppData\Roaming\Mozilla
2014-11-06 19:25 - 2014-11-06 19:25 - 00000000 ____D () C:\Users\Lucy\AppData\Local\Mozilla
2014-11-05 21:35 - 2014-11-06 20:23 - 00000365 _____ () C:\Users\Lucy\Sti_Trace.log
2014-11-05 21:35 - 2014-11-05 21:35 - 00000000 ____D () C:\Users\Lucy\AppData\Roaming\Epson
2014-11-04 21:58 - 2014-11-04 21:59 - 03545416 _____ () C:\Users\Jeff\Downloads\EpsonConnect130.exe
2014-11-04 20:58 - 2014-11-04 20:58 - 00000069 _____ () C:\Users\Jeff\Documents\DesignLibrary_Photoshop.log
2014-11-04 18:40 - 2014-11-04 18:40 - 00010240 _____ () C:\Users\Jeff\Downloads\Doodle.xls
2014-11-03 21:13 - 2014-11-04 18:26 - 00002555 _____ () C:\Users\Jeff\Sti_Trace.log
2014-11-02 21:36 - 2014-11-15 14:36 - 00000951 _____ () C:\WINDOWS\Tasks\EPSON WF-3620 Series Update {F786A631-072D-4D7F-A38A-EFA0E61E7CF9}.job
2014-11-02 21:36 - 2014-11-15 14:36 - 00000765 _____ () C:\WINDOWS\Tasks\EPSON WF-3620 Series Invitation {F786A631-072D-4D7F-A38A-EFA0E61E7CF9}.job
2014-11-02 21:36 - 2014-11-02 21:36 - 00003982 _____ () C:\WINDOWS\System32\Tasks\EPSON WF-3620 Series Update {F786A631-072D-4D7F-A38A-EFA0E61E7CF9}
2014-11-02 21:36 - 2014-11-02 21:36 - 00003796 _____ () C:\WINDOWS\System32\Tasks\EPSON WF-3620 Series Invitation {F786A631-072D-4D7F-A38A-EFA0E61E7CF9}
2014-11-02 21:27 - 2014-11-02 21:27 - 00000045 _____ () C:\WINDOWS\WF-3620.ini
2014-11-02 21:21 - 2014-11-15 14:21 - 00000951 _____ () C:\WINDOWS\Tasks\EPSON WF-3620 Series Update {7F847599-713C-41FD-9943-03D5940A6824}.job
2014-11-02 21:21 - 2014-11-15 14:21 - 00000765 _____ () C:\WINDOWS\Tasks\EPSON WF-3620 Series Invitation {7F847599-713C-41FD-9943-03D5940A6824}.job
2014-11-02 21:21 - 2014-11-02 21:21 - 00003982 _____ () C:\WINDOWS\System32\Tasks\EPSON WF-3620 Series Update {7F847599-713C-41FD-9943-03D5940A6824}
2014-11-02 21:21 - 2014-11-02 21:21 - 00003796 _____ () C:\WINDOWS\System32\Tasks\EPSON WF-3620 Series Invitation {7F847599-713C-41FD-9943-03D5940A6824}
2014-11-02 21:20 - 2014-11-02 21:20 - 00000000 ____D () C:\Program Files\Common Files\EPSON
2014-11-02 21:18 - 2014-11-04 17:38 - 00000000 ____D () C:\Users\Jeff\AppData\Roaming\Epson
2014-11-02 21:18 - 2014-11-02 21:18 - 00000000 ____D () C:\Users\Jeff\AppData\Roaming\InstallShield
2014-11-02 21:18 - 2014-11-02 21:18 - 00000000 ____D () C:\Program Files\EPSON
2014-11-02 21:17 - 2014-11-04 21:59 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EPSON
2014-11-02 21:17 - 2014-11-04 21:59 - 00000000 ____D () C:\Program Files (x86)\EPSON Software
2014-11-02 21:17 - 2014-11-04 21:58 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EPSON Software
2014-11-02 21:17 - 2014-11-04 21:58 - 00000000 ____D () C:\Program Files (x86)\epson
2014-11-02 21:17 - 2014-11-02 21:17 - 00000948 _____ () C:\Users\Public\Desktop\EPSON Scan.lnk
2014-11-02 21:17 - 2014-11-02 21:17 - 00000000 ____D () C:\Program Files\EpsonNet
2014-11-02 21:17 - 2012-11-12 20:41 - 00535552 _____ (SEIKO EPSON CORPORATION) C:\WINDOWS\system32\ensppui.dll
2014-11-02 21:17 - 2012-11-12 20:41 - 00535552 _____ (SEIKO EPSON CORPORATION) C:\WINDOWS\system32\enppui.dll
2014-11-02 21:17 - 2012-11-12 15:15 - 00558592 _____ (SEIKO EPSON CORPORATION) C:\WINDOWS\system32\ensppmon.dll
2014-11-02 21:17 - 2012-11-12 15:15 - 00558592 _____ (SEIKO EPSON CORPORATION) C:\WINDOWS\system32\enppmon.dll
2014-11-02 21:17 - 2012-10-22 17:19 - 00219648 _____ (SEIKO EPSON CORPORATION) C:\WINDOWS\system32\enspres.dll
2014-11-02 21:17 - 2012-10-22 17:19 - 00219648 _____ (SEIKO EPSON CORPORATION) C:\WINDOWS\system32\enpres.dll
2014-11-02 21:17 - 2012-07-24 00:00 - 00466432 _____ (Seiko Epson Corporation) C:\WINDOWS\system32\esxw2ud.dll
2014-11-02 21:17 - 2012-05-17 00:00 - 00144560 _____ (Seiko Epson Corporation) C:\WINDOWS\system32\escsvc64.exe
2014-11-02 21:17 - 2010-11-22 13:27 - 00147472 _____ (TWAIN Working Group) C:\WINDOWS\SysWOW64\twaindsm.dll
2014-11-02 21:16 - 2014-11-02 21:38 - 00000000 ____D () C:\ProgramData\EPSON
2014-11-02 21:16 - 2013-10-22 04:04 - 00179712 _____ (SEIKO EPSON CORPORATION) C:\WINDOWS\system32\E_YLMBKEE.DLL
2014-11-02 21:16 - 2011-03-15 03:03 - 00083968 _____ (SEIKO EPSON CORPORATION) C:\WINDOWS\system32\E_YD4BKEE.DLL
2014-11-02 21:16 - 2007-04-10 01:06 - 00010752 _____ (SEIKO EPSON CORP.) C:\WINDOWS\system32\E_GCINST.DLL
2014-11-02 21:07 - 2014-11-02 21:09 - 223238432 _____ () C:\Users\Jeff\Downloads\epson15400.exe
2014-11-01 15:57 - 2014-11-08 19:34 - 00000000 ____D () C:\Users\Jeff\Downloads\filles de kilimanjaro
2014-11-01 11:20 - 2014-09-03 16:10 - 00118272 _____ (Microsoft Corporation) C:\WINDOWS\system32\winbici.dll
2014-11-01 11:20 - 2014-09-03 15:57 - 00921600 _____ (Microsoft Corporation) C:\WINDOWS\system32\MrmCoreR.dll
2014-11-01 11:20 - 2014-09-03 15:49 - 00626688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MrmCoreR.dll
2014-11-01 11:19 - 2014-08-15 20:08 - 01507648 _____ (Microsoft Corporation) C:\WINDOWS\system32\propsys.dll
2014-11-01 11:19 - 2014-08-15 20:01 - 01710184 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
2014-11-01 11:19 - 2014-08-15 19:58 - 01112512 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll
2014-11-01 11:19 - 2014-08-15 19:16 - 01205976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\propsys.dll
2014-11-01 11:19 - 2014-08-15 19:03 - 01467384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll
2014-11-01 11:19 - 2014-08-15 17:31 - 00838144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll
2014-11-01 11:19 - 2014-08-15 17:04 - 00359424 _____ (Microsoft Corporation) C:\WINDOWS\system32\Wldap32.dll
2014-11-01 11:19 - 2014-08-15 16:58 - 00287744 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemEventsBrokerServer.dll
2014-11-01 11:19 - 2014-08-15 16:53 - 00118272 _____ (Microsoft Corporation) C:\WINDOWS\system32\httpprxm.dll
2014-11-01 11:19 - 2014-08-15 16:46 - 00290816 _____ (Microsoft Corporation) C:\WINDOWS\system32\ProximityService.dll
2014-11-01 11:19 - 2014-08-15 16:45 - 00267776 _____ (Microsoft Corporation) C:\WINDOWS\system32\bisrv.dll
2014-11-01 11:19 - 2014-08-15 16:43 - 00321024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Wldap32.dll
2014-11-01 11:19 - 2014-08-15 16:43 - 00075776 _____ (Microsoft Corporation) C:\WINDOWS\system32\adhsvc.dll
2014-11-01 11:19 - 2014-08-15 16:31 - 00914432 _____ (Microsoft Corporation) C:\WINDOWS\system32\iphlpsvc.dll
2014-11-01 11:19 - 2014-08-15 16:31 - 00286208 _____ (Microsoft Corporation) C:\WINDOWS\system32\pcsvDevice.dll
2014-11-01 11:19 - 2014-08-15 16:29 - 00249344 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2014-11-01 11:19 - 2014-08-15 16:23 - 01106432 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchFolder.dll
2014-11-01 11:19 - 2014-08-15 16:22 - 00717824 _____ (Microsoft Corporation) C:\WINDOWS\system32\SkyDriveTelemetry.dll
2014-11-01 11:19 - 2014-08-15 16:22 - 00286208 _____ (Microsoft Corporation) C:\WINDOWS\system32\SkyDriveShell.dll
2014-11-01 11:19 - 2014-08-15 16:19 - 00189952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2014-11-01 11:19 - 2014-08-15 16:18 - 04758528 _____ (Microsoft Corporation) C:\WINDOWS\system32\SyncEngine.dll
2014-11-01 11:19 - 2014-08-15 16:17 - 08757760 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Search.dll
2014-11-01 11:19 - 2014-08-15 16:14 - 00265216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SkyDriveShell.dll
2014-11-01 11:19 - 2014-08-15 16:13 - 06649344 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstscax.dll
2014-11-01 11:19 - 2014-08-15 16:13 - 05902848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Search.dll
2014-11-01 11:19 - 2014-08-15 16:13 - 00840192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchFolder.dll
2014-11-01 11:19 - 2014-08-15 16:11 - 00920064 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSShared.dll
2014-11-01 11:19 - 2014-08-15 16:10 - 01120768 _____ (Microsoft Corporation) C:\WINDOWS\system32\SkyDrive.exe
2014-11-01 11:19 - 2014-08-15 16:08 - 05777408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstscax.dll
2014-11-01 11:19 - 2014-08-15 16:07 - 00756224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WSShared.dll
2014-11-01 11:18 - 2014-09-03 16:12 - 00590336 _____ (Microsoft Corporation) C:\WINDOWS\system32\rastls.dll
2014-11-01 11:18 - 2014-09-03 16:01 - 00514048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rastls.dll
2014-11-01 11:02 - 2014-11-01 11:02 - 00001632 _____ () C:\Users\Jeff\Downloads\URLLink (2).acsm
2014-11-01 10:54 - 2014-11-01 10:54 - 00001661 _____ () C:\Users\Jeff\Downloads\URLLink (1).acsm
2014-11-01 10:50 - 2014-11-01 10:50 - 00001673 _____ () C:\Users\Jeff\Downloads\URLLink.acsm
2014-10-27 20:25 - 2014-10-27 20:25 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Subsonic
2014-10-27 19:36 - 2014-10-27 19:37 - 50032017 _____ () C:\Users\Jeff\Downloads\subsonic-5.0-setup.exe
2014-10-21 19:31 - 2014-10-21 19:31 - 00000000 ____D () C:\Users\Amos\AppData\Local\Apple Computer
2014-10-19 18:57 - 2014-10-19 18:57 - 00001797 _____ () C:\Users\Public\Desktop\iTunes.lnk
2014-10-19 18:57 - 2014-10-19 18:57 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
2014-10-19 18:56 - 2014-10-19 18:56 - 00000000 ____D () C:\ProgramData\E1864A66-75E3-486a-BD95-D1B7D99A84A7
2014-10-19 18:56 - 2014-10-19 18:56 - 00000000 ____D () C:\Program Files\iTunes
2014-10-19 18:56 - 2014-10-19 18:56 - 00000000 ____D () C:\Program Files\iPod
2014-10-19 18:56 - 2014-10-19 18:56 - 00000000 ____D () C:\Program Files (x86)\iTunes
2014-10-18 09:17 - 2014-10-18 09:17 - 00272808 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\javaws.exe
2014-10-18 09:17 - 2014-10-18 09:17 - 00175528 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\javaw.exe
2014-10-18 09:17 - 2014-10-18 09:17 - 00175528 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\java.exe
2014-10-18 09:17 - 2014-10-18 09:17 - 00098216 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\WindowsAccessBridge-32.dll
2014-10-18 09:17 - 2014-10-18 09:17 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2014-10-18 09:17 - 2014-10-18 09:17 - 00000000 ____D () C:\Program Files (x86)\Java
2014-10-18 09:05 - 2014-10-18 09:05 - 00895742 _____ () C:\Users\Jeff\Documents\EDS_new_and_changed_BIBS_update_2014-10-18.out
2014-10-18 08:59 - 2014-10-18 08:59 - 00249343 _____ () C:\Users\Tracy\Downloads\HOMEWORK PERIOD 1 FRIDAY.pptx
2014-10-16 20:25 - 2014-10-23 21:23 - 00000000 ____D () C:\Users\Jeff\Downloads\cheap trick - budoka
 
==================== One Month Modified Files and Folders =======
 
(If an entry is included in the fixlist, the file\folder will be moved.)
 
2014-11-15 15:12 - 2014-03-29 09:39 - 00000938 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2014-11-15 15:11 - 2014-03-29 18:49 - 00000000 ___RD () C:\Users\Jeff\Dropbox
2014-11-15 15:11 - 2014-03-29 18:45 - 00000000 ____D () C:\Users\Jeff\AppData\Roaming\Dropbox
2014-11-15 15:10 - 2014-03-29 16:41 - 01688614 _____ () C:\WINDOWS\WindowsUpdate.log
2014-11-15 15:10 - 2014-03-29 09:39 - 00000934 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2014-11-15 15:00 - 2013-08-22 07:36 - 00000000 ____D () C:\WINDOWS\system32\sru
2014-11-15 14:44 - 2013-11-13 23:28 - 00865408 _____ () C:\WINDOWS\system32\PerfStringBackup.INI
2014-11-15 14:36 - 2013-08-22 07:36 - 00000000 ____D () C:\WINDOWS\system32\FxsTmp
2014-11-15 14:19 - 2013-12-02 20:58 - 00000000 ____D () C:\Program Files (x86)\Dell Backup and Recovery
2014-11-15 14:15 - 2014-03-29 07:50 - 00003594 _____ () C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-1311062009-36715212-3114003710-1001
2014-11-15 11:10 - 2014-03-31 15:39 - 00000000 ____D () C:\ProgramData\Oracle
2014-11-15 11:08 - 2014-08-16 16:16 - 00000000 ____D () C:\Users\Jeff\AppData\Local\Adobe
2014-11-15 11:08 - 2014-03-29 23:15 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-11-15 11:07 - 2014-03-29 18:47 - 00000000 ____D () C:\Users\Jeff\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2014-11-15 11:06 - 2014-03-29 07:45 - 00000000 ____D () C:\Users\Jeff\Documents\Bluetooth Folder
2014-11-13 20:45 - 2014-04-23 19:54 - 00003594 _____ () C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-1311062009-36715212-3114003710-1009
2014-11-13 20:41 - 2014-03-29 21:50 - 00000000 ____D () C:\Users\Lucy\Documents\Bluetooth Folder
2014-11-13 20:33 - 2014-03-29 16:42 - 00000000 ____D () C:\ProgramData\NVIDIA
2014-11-13 20:33 - 2013-11-13 23:20 - 00054178 _____ () C:\WINDOWS\PFRO.log
2014-11-13 20:33 - 2013-08-22 06:45 - 00000006 ____H () C:\WINDOWS\Tasks\SA.DAT
2014-11-13 20:00 - 2014-03-30 09:44 - 00000000 ___RD () C:\Users\Amos\Google Drive
2014-11-13 17:09 - 2014-03-29 18:23 - 00000000 ___RD () C:\Users\Jeff\SkyDrive
2014-11-12 21:43 - 2013-08-22 05:25 - 00524288 ___SH () C:\WINDOWS\system32\config\BBI
2014-11-12 20:59 - 2013-08-22 07:36 - 00000000 ____D () C:\WINDOWS\rescache
2014-11-12 20:07 - 2014-03-29 09:39 - 00003910 _____ () C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
2014-11-12 20:07 - 2014-03-29 09:39 - 00003674 _____ () C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
2014-11-11 22:19 - 2013-08-22 06:44 - 05085920 _____ () C:\WINDOWS\system32\FNTCACHE.DAT
2014-11-11 22:17 - 2013-08-22 07:36 - 00000000 ___RD () C:\WINDOWS\ToastData
2014-11-11 22:17 - 2013-08-22 07:36 - 00000000 ___RD () C:\WINDOWS\ImmersiveControlPanel
2014-11-11 22:17 - 2013-08-22 07:36 - 00000000 ___RD () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2014-11-11 22:17 - 2013-08-22 07:36 - 00000000 ___RD () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2014-11-11 22:17 - 2013-08-22 07:36 - 00000000 ____D () C:\Program Files\Windows Defender
2014-11-11 22:17 - 2013-08-22 07:36 - 00000000 ____D () C:\Program Files (x86)\Windows Defender
2014-11-11 21:42 - 2014-03-29 19:07 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-11-11 21:42 - 2012-07-25 23:59 - 00000000 ____D () C:\WINDOWS\CbsTemp
2014-11-11 21:40 - 2014-03-29 08:37 - 00000000 ____D () C:\WINDOWS\system32\MRT
2014-11-11 21:32 - 2014-03-29 08:37 - 103374192 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2014-11-11 20:29 - 2013-08-22 06:46 - 00325036 _____ () C:\WINDOWS\setupact.log
2014-11-11 16:37 - 2014-03-31 19:57 - 00000000 ____D () C:\Users\Jeff\AppData\Roaming\FileZilla
2014-11-09 12:46 - 2014-03-29 21:45 - 00000000 ____D () C:\Users\Tracy\AppData\Local\Adobe
2014-11-09 11:13 - 2014-03-30 09:44 - 00001739 _____ () C:\Users\Amos\Desktop\Google Drive.lnk
2014-11-09 11:04 - 2014-03-29 21:48 - 00000000 ____D () C:\Users\Amos
2014-11-08 12:16 - 2014-07-09 11:47 - 00000000 ____D () C:\WINDOWS\Minidump
2014-11-07 11:10 - 2014-03-31 13:13 - 00003596 _____ () C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-1311062009-36715212-3114003710-1010
2014-11-07 10:47 - 2014-03-29 21:44 - 00000000 ____D () C:\Users\Tracy
2014-11-07 04:06 - 2014-03-30 09:35 - 00002048 _____ () C:\Users\Public\Desktop\Google Docs.lnk
2014-11-07 04:06 - 2014-03-30 09:35 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Drive
2014-11-05 21:35 - 2014-03-29 21:49 - 00000000 ____D () C:\Users\Lucy
2014-11-04 21:58 - 2013-12-02 20:46 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
2014-11-04 20:58 - 2014-03-29 07:44 - 00000000 ____D () C:\Users\Jeff\AppData\Roaming\Adobe
2014-11-04 18:27 - 2014-03-29 18:36 - 00000000 ____D () C:\Users\Jeff\Documents\My Scans
2014-11-04 17:39 - 2014-03-29 16:46 - 00000000 ____D () C:\Users\Jeff
2014-11-02 16:37 - 2014-03-30 21:50 - 00000000 ____D () C:\subsonic
2014-11-02 15:49 - 2014-03-30 09:49 - 00003596 _____ () C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-1311062009-36715212-3114003710-1008
2014-11-02 15:25 - 2014-03-29 21:48 - 00000000 ____D () C:\Users\Amos\Documents\Bluetooth Folder
2014-11-01 12:38 - 2013-08-22 07:36 - 00000000 ____D () C:\WINDOWS\WinStore
2014-11-01 12:38 - 2013-08-22 07:36 - 00000000 ____D () C:\WINDOWS\MediaViewer
2014-11-01 12:38 - 2013-08-22 07:36 - 00000000 ____D () C:\WINDOWS\FileManager
2014-11-01 12:38 - 2013-08-22 07:36 - 00000000 ____D () C:\WINDOWS\Camera
2014-11-01 12:36 - 2014-04-17 18:36 - 00000000 ____D () C:\Users\Jeff\Calibre
2014-11-01 11:03 - 2014-03-29 09:49 - 00000000 ____D () C:\Users\Jeff\Documents\My Digital Editions
2014-10-30 03:25 - 2014-03-29 18:30 - 00275080 ____N (Microsoft Corporation) C:\WINDOWS\system32\MpSigStub.exe
2014-10-29 20:07 - 2014-03-29 09:39 - 00002205 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-10-29 16:55 - 2014-09-11 20:43 - 00714208 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2014-10-29 16:55 - 2014-09-11 20:43 - 00106976 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2014-10-27 20:25 - 2014-03-30 21:50 - 00000000 ____D () C:\Program Files (x86)\Subsonic
2014-10-27 19:21 - 2014-06-23 08:29 - 00000000 ____D () C:\Users\Jeff\AppData\Roaming\Mp3tag
2014-10-26 20:29 - 2014-03-29 21:45 - 00000000 ____D () C:\Users\Tracy\Documents\Bluetooth Folder
2014-10-26 11:08 - 2014-07-11 10:51 - 00000136 _____ () C:\WINDOWS\ODBC.INI
2014-10-26 11:03 - 2013-08-22 07:36 - 00000000 ____D () C:\WINDOWS\system32\Recovery
2014-10-21 19:31 - 2014-04-01 16:46 - 00000000 ____D () C:\Users\Amos\AppData\Roaming\Apple Computer
2014-10-19 18:56 - 2014-09-30 19:17 - 00000000 ____D () C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2014-10-19 18:56 - 2014-03-30 21:12 - 00000000 ____D () C:\Program Files\Common Files\Apple
2014-10-18 09:20 - 2014-07-11 09:46 - 00000000 ____D () C:\Users\Jeff\AppData\Local\Spotify
2014-10-18 09:20 - 2014-07-11 09:45 - 00000000 ____D () C:\Users\Jeff\AppData\Roaming\Spotify
 
Some content of TEMP:
====================
C:\Users\Amos\AppData\Local\Temp\i4jdel0.exe
C:\Users\Jeff\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmp8pg0mh.dll
C:\Users\Jeff\AppData\Local\Temp\i4jdel0.exe
C:\Users\Jeff\AppData\Local\Temp\Quarantine.exe
C:\Users\Jeff\AppData\Local\Temp\sqlite3.dll
C:\Users\Lucy\AppData\Local\Temp\i4jdel0.exe
C:\Users\Lucy\AppData\Local\Temp\System.Data.SQLite.dll
C:\Users\Lucy\AppData\Local\Temp\System.Data.SQLite28667.dll
C:\Users\Lucy\AppData\Local\Temp\System.Data.SQLite45019.dll
C:\Users\Lucy\AppData\Local\Temp\System.Data.SQLite49016.dll
C:\Users\Lucy\AppData\Local\Temp\System.Data.SQLite58053.dll
C:\Users\Lucy\AppData\Local\Temp\System.Data.SQLite60367.dll
C:\Users\Lucy\AppData\Local\Temp\System.Data.SQLite65808.dll
C:\Users\Lucy\AppData\Local\Temp\System.Data.SQLite68057.dll
C:\Users\Lucy\AppData\Local\Temp\System.Data.SQLite74580.dll
C:\Users\Lucy\AppData\Local\Temp\System.Data.SQLite78681.dll
C:\Users\Lucy\AppData\Local\Temp\System.Data.SQLite80226.dll
C:\Users\Lucy\AppData\Local\Temp\System.Data.SQLite85250.dll
C:\Users\Lucy\AppData\Local\Temp\System.Data.SQLite85456.dll
C:\Users\Lucy\AppData\Local\Temp\System.Data.SQLite87378.dll
C:\Users\Lucy\AppData\Local\Temp\System.Data.SQLite88696.dll
C:\Users\Lucy\AppData\Local\Temp\System.Data.SQLite96587.dll
C:\Users\Tracy\AppData\Local\Temp\i4jdel0.exe
 
 
==================== Bamital & volsnap Check =================
 
(There is no automatic fix for files that do not pass verification.)
 
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
 
 
LastRegBack: 2014-11-10 16:40
 
==================== End Of Log ============================
Link to post
Share on other sites

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 14-11-2014

Ran by Jeff at 2014-11-15 15:13:11

Running from C:\Users\Lucy\Downloads

Boot Mode: Normal

==========================================================

 

 

==================== Security Center ========================

 

(If an entry is included in the fixlist, it will be removed.)

 

AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

 

==================== Installed Programs ======================

 

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

 

5600 (x32 Version: 140.0.425.000 - Hewlett-Packard) Hidden

5600_Help (x32 Version: 82.0.242.000 - Hewlett-Packard) Hidden

5600Trb (x32 Version: 82.0.242.000 - Hewlett-Packard) Hidden

64 Bit HP CIO Components Installer (Version: 7.2.8 - Hewlett-Packard) Hidden

7-Zip 9.20 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0920-000001000000}) (Version: 9.20.00.0 - Igor Pavlov)

ActiveState Komodo Edit 8.5.3 (HKLM-x32\...\{E65B87D8-30C4-4FB0-8C24-AFD64950A881}) (Version: 8.5.3 - ActiveState Software Inc.)

Adobe Acrobat XI Pro (HKLM-x32\...\{23D3F585-AE29-4670-8E3E-64A0EFB29240}) (Version: 11.0 - Adobe Systems Incorporated)

Adobe Acrobat XI Pro (HKLM-x32\...\{AC76BA86-1033-FFFF-7760-000000000006}) (Version: 11.0.09 - Adobe Systems)

Adobe Audition CC 2014 (HKLM-x32\...\{F3388E10-EFA9-4A80-B28E-2E647F8D00C4}) (Version: 7.1.0 - Adobe Systems Incorporated)

Adobe Creative Cloud (HKLM-x32\...\Adobe Creative Cloud) (Version: 2.8.0.447 - Adobe Systems Incorporated)

Adobe Digital Editions 3.0 (HKLM-x32\...\Adobe Digital Editions 3.0) (Version: 3.0.1 - Adobe Systems Incorporated)

Adobe Edge Code CC (HKLM-x32\...\{641F742F-1497-51B4-F481-1037096A90A0}) (Version: 0.97 - Adobe Systems Incorporated)

Adobe Flash Player 15 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 15.0.0.152 - Adobe Systems Incorporated)

Adobe Media Encoder CC 2014 (HKLM-x32\...\{663DEEEF-EF34-4DCB-8687-73A7AA146E02}) (Version: 8.1.0 - Adobe Systems Incorporated)

Adobe Photoshop CC 2014 (HKLM-x32\...\{D7A4F897-B20A-42D0-862D-CB5F6DB7391D}) (Version: 15.2 - Adobe Systems Incorporated)

Adobe Photoshop Lightroom 5.5 64-bit (HKLM\...\{19BBD0F3-7A31-480D-8A23-19AE28035E9C}) (Version: 5.5.0 - Adobe Systems Incorporated)

Adobe Premiere Pro CC 2014 (HKLM-x32\...\{07BE616F-9E42-4C90-AF4F-0F32A5B088E7}) (Version: 8.1.0 - Adobe Systems Incorporated)

AIO_CDB_ProductContext (x32 Version: 140.0.425.000 - Hewlett-Packard) Hidden

AIO_CDB_Software (x32 Version: 140.0.428.000 - Hewlett-Packard) Hidden

AIO_Scan (x32 Version: 130.0.421.000 - Hewlett-Packard) Hidden

Amazon Cloud Player (HKU\S-1-5-21-1311062009-36715212-3114003710-1001\...\Amazon Amazon Cloud Player) (Version: 2.4.0.26 - Amazon Services LLC)

Amazon Kindle (HKU\S-1-5-21-1311062009-36715212-3114003710-1001\...\Amazon Kindle) (Version:  - Amazon)

Apple Application Support (HKLM-x32\...\{83CAF0DE-8D3B-4C37-A631-2B8F16EC3031}) (Version: 3.1 - Apple Inc.)

Apple Mobile Device Support (HKLM\...\{BDD99690-3541-4619-9D2A-3CDDB3E15F9E}) (Version: 8.0.5.6 - Apple Inc.)

Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)

bl (x32 Version: 1.0.0 - Your Company Name) Hidden

Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)

BufferChm (x32 Version: 140.0.298.000 - Hewlett-Packard) Hidden

calibre (HKLM-x32\...\{ABCDCEDE-BB81-4169-8A5B-3776D7DBCDC5}) (Version: 1.42.0 - Kovid Goyal)

CCleaner (HKLM\...\CCleaner) (Version: 4.19 - Piriform)

Copy (x32 Version: 140.0.298.000 - Hewlett-Packard) Hidden

CyberLink Media Suite Essentials (HKLM-x32\...\InstallShield_{8F14AA37-5193-4A14-BD5B-BDF9B361AEF7}) (Version: 10.0 - CyberLink Corp.)

D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden

Dell Backup and Recovery (HKLM-x32\...\{0ED7EE95-6A97-47AA-AD73-152C08A15B04}) (Version: 1.7.5.63 - Dell Inc.)

Dell Digital Delivery (HKLM-x32\...\{03A9F528-A754-460F-B2C1-AC125A147114}) (Version: 2.8.5000.0 - Dell Products, LP)

Dell Product Registration (HKLM-x32\...\{2A0F2CC5-3065-492C-8380-B03AA7106B1A}) (Version: 1.16.1 - Dell Inc.)

Dell System Detect (HKU\S-1-5-21-1311062009-36715212-3114003710-1001\...\9204f5692a8faf3b) (Version: 5.6.0.4 - Dell)

Dell WLAN and Bluetooth Client Installation (HKLM-x32\...\{28006915-2739-4EBE-B5E8-49B25D32EB33}) (Version: 10.0 - Dell Inc.)

Destinations (x32 Version: 140.0.253.000 - Hewlett-Packard) Hidden

DeviceDiscovery (x32 Version: 140.0.298.000 - Hewlett-Packard) Hidden

DocProc (x32 Version: 140.0.185.000 - Hewlett-Packard) Hidden

Dropbox (HKU\S-1-5-21-1311062009-36715212-3114003710-1001\...\Dropbox) (Version: 2.10.52 - Dropbox, Inc.)

DSC/AA Factory Installer (Version: 3.3.6261.27 - PC-Doctor, Inc.) Hidden

DVDFab 9.1.5.9 (25/07/2014) (HKLM-x32\...\DVDFab 9 US_is1) (Version:  - Fengtao Software Inc.)

Epson Connect Printer Setup (HKLM-x32\...\{D9B1D51B-EB56-410D-AEB5-1CCFAC4B6C8C}) (Version: 1.3.0 - SEIKO EPSON CORPORATION)

Epson Customer Participation (HKLM\...\{814FA673-A085-403C-9545-747FC1495069}) (Version: 1.6.3.0 - SEIKO EPSON CORPORATION)

Epson Event Manager (HKLM-x32\...\{0F13C24A-FFE2-4CD0-8E0B-DC804E0A0E0B}) (Version: 3.10.0035 - Seiko Epson Corporation)

Epson FAX Utility (HKLM-x32\...\{0CBE6C93-CB2E-4378-91EE-12BE6D4E2E4A}) (Version: 1.51.00 - SEIKO EPSON CORPORATION)

Epson PC-FAX Driver (HKLM-x32\...\EPSON PC-FAX Driver 2) (Version:  - )

EPSON Scan (HKLM-x32\...\EPSON Scanner) (Version:  - Seiko Epson Corporation)

EPSON Scan OCR Component (HKLM-x32\...\{563B99D8-8895-4E3E-AE8D-15BE8C05F1C1}) (Version: 2.30.00 - SEIKO EPSON Corp.)

EPSON WF-3620 Series Printer Uninstall (HKLM\...\EPSON WF-3620 Series) (Version:  - SEIKO EPSON Corporation)

Epson WF-3620 User’s Guide version 1.0 (HKLM-x32\...\UsersGuideEpson WF-3620 User’s Guide_is1) (Version: 1.0 - )

EpsonNet Print (HKLM-x32\...\{3E31400D-274E-4647-916C-2CACC3741799}) (Version: 2.6.0 - SEIKO EPSON CORPORATION)

Evernote v. 5.6.4 (HKLM-x32\...\{DFDF0BE2-2D71-11E4-9454-00163E98E7D6}) (Version: 5.6.4.4632 - Evernote Corp.)

Exact Audio Copy 1.0beta3 (HKLM-x32\...\Exact Audio Copy) (Version: 1.0beta3 - Andre Wiethoff)

Fax (x32 Version: 140.0.307.000 - Hewlett-Packard) Hidden

FileZilla Client 3.9.0.5 (HKLM-x32\...\FileZilla Client) (Version: 3.9.0.5 - Tim Kosse)

foobar2000 v1.3.2 (HKLM-x32\...\foobar2000) (Version: 1.3.2 - Peter Pawlowski)

Google Chrome (HKLM-x32\...\Google Chrome) (Version: 38.0.2125.111 - Google Inc.)

Google Drive (HKLM-x32\...\{C60F3836-333A-4AE2-B526-CFDBA143A9BA}) (Version: 1.18.7821.2489 - Google, Inc.)

Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden

GPBaseService2 (x32 Version: 140.0.297.000 - Hewlett-Packard) Hidden

HandBrake 0.9.9.1 (HKLM-x32\...\HandBrake) (Version: 0.9.9.1 - )

HP Imaging Device Functions 14.0 (HKLM\...\HP Imaging Device Functions) (Version: 14.0 - HP)

HP Photosmart Officejet and Deskjet All-In-One Driver Software (HKLM\...\{6F5B70F0-EA6C-4A5B-BB16-8390BD66B251}) (Version: 14.0 - HP)

HP Solution Center 14.0 (HKLM\...\HP Solution Center & Imaging Support Tools) (Version: 14.0 - HP)

HP Update (HKLM-x32\...\{912D30CF-F39E-4B31-AD9A-123C6B794EE2}) (Version: 5.005.002.002 - Hewlett-Packard)

HPDiagnosticAlert (x32 Version: 1.00.0001 - Microsoft) Hidden

HPPhotoGadget (x32 Version: 140.0.524.000 - Hewlett-Packard) Hidden

HPProductAssistant (x32 Version: 140.0.298.000 - Hewlett-Packard) Hidden

Innovative Millennium (HKLM-x32\...\Innovative Millennium) (Version: 1.0.0.0 - Innovative Interfaces)

Intel® Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.0.13.1402 - Intel Corporation)

Intel® Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 12.6.0.1033 - Intel Corporation)

Intel® Update Manager (HKLM-x32\...\{12914061-EB9B-4AE7-AC7E-0B8A607C7DF4}) (Version: 2.3.1338 - Intel Corporation)

iTunes (HKLM\...\{2ABBBD91-91E5-4AD7-929A-FE15D1DC0576}) (Version: 12.0.1.26 - Apple Inc.)

Java 7 Update 71 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F03217071FF}) (Version: 7.0.710 - Oracle)

Java 8 Update 25 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86418025F0}) (Version: 8.0.250 - Oracle Corporation)

KeePass Password Safe 1.27 (HKLM-x32\...\KeePass Password Safe_is1) (Version: 1.27 - Dominik Reichl)

Malwarebytes Anti-Malware version 2.0.3.1025 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.3.1025 - Malwarebytes Corporation)

Mavis Beacon Teaches Typing Platinum 20 (HKLM-x32\...\{58F9D852-9443-4955-A1ED-12C9E0504DD0}) (Version: 20.00.0000 - Broderbund)

MediaMonkey 4.1 (HKLM-x32\...\MediaMonkey_is1) (Version: 4.1 - Ventis Media Inc.)

Microsoft Office (HKLM-x32\...\{90150000-0138-0409-0000-0000000FF1CE}) (Version: 15.0.4454.1510 - Microsoft Corporation)

Microsoft Office Professional Plus 2010 (HKLM-x32\...\Office14.PROPLUSR) (Version: 14.0.7015.1000 - Microsoft Corporation)

Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)

Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)

Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)

Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)

Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)

Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)

Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)

Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)

Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)

Movie Maker (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden

Mozilla Firefox 32.0.3 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 32.0.3 (x86 en-US)) (Version: 32.0.3 - Mozilla)

Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 29.0 - Mozilla)

Mp3tag v2.64 (HKLM-x32\...\Mp3tag) (Version: v2.64 - Florian Heidenreich)

MSVCRT110_amd64 (Version: 16.4.1109.0912 - Microsoft) Hidden

My Dell (HKLM\...\PC-Doctor for Windows) (Version: 3.5.6426.22 - PC-Doctor, Inc.)

Network64 (Version: 140.0.306.000 - Hewlett-Packard) Hidden

NVIDIA 3D Vision Driver 335.23 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 335.23 - NVIDIA Corporation)

NVIDIA Graphics Driver 335.23 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 335.23 - NVIDIA Corporation)

NVIDIA HD Audio Driver 1.3.30.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.30.1 - NVIDIA Corporation)

NVIDIA PhysX System Software 9.13.0325 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.13.0325 - NVIDIA Corporation)

NVIDIA Update 10.4.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 10.4.0 - NVIDIA Corporation)

OCR Software by I.R.I.S. 14.0 (HKLM\...\HPOCR) (Version: 14.0 - HP)

ph (x32 Version: 1.0.0 - Your Company Name) Hidden

Photo Common (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden

Photo Gallery (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden

Qualcomm Atheros Bluetooth Suite (64) (HKLM\...\{A84A4FB1-D703-48DB-89E0-68B6499D2801}) (Version: 8.0.0.218 - Qualcomm Atheros Communications)

QuickTime 7 (HKLM-x32\...\{111EE7DF-FC45-40C7-98A7-753AC46B12FB}) (Version: 7.75.80.95 - Apple Inc.)

Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6909 - Realtek Semiconductor Corp.)

Realtek USB 2.0 Card Reader (HKLM-x32\...\{96AE7E41-E34E-47D0-AC07-1091A8127911}) (Version: 6.2.8400.30137 - Realtek Semiconductor Corp.)

Recuva (HKLM\...\Recuva) (Version: 1.51 - Piriform)

Revo Uninstaller 1.95 (HKLM-x32\...\Revo Uninstaller) (Version: 1.95 - VS Revo Group)

SAMSUNG USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.45.0 - SAMSUNG Electronics Co., Ltd.)

Scan (x32 Version: 140.0.253.000 - Hewlett-Packard) Hidden

Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version:  - Microsoft)

Shared C Run-time for x64 (HKLM\...\{EF79C448-6946-4D71-8134-03407888C054}) (Version: 10.0.0 - McAfee)

ShareX 9.3.1 (HKLM\...\82E6AC09-0FEF-4390-AD9F-0DD3F5561EFC_is1) (Version: 9.3.1 - ShareX Developers)

Software Updater (HKLM-x32\...\{FA7EE274-7370-43B7-9A45-A39B17CCCDC5}) (Version: 4.3.3 - SEIKO EPSON CORPORATION)

SolutionCenter (x32 Version: 140.0.299.000 - Hewlett-Packard) Hidden

Spotify (HKU\S-1-5-21-1311062009-36715212-3114003710-1001\...\Spotify) (Version: 0.9.13.24.g5dbb3103 - Spotify AB)

Status (x32 Version: 140.0.342.000 - Hewlett-Packard) Hidden

Subsonic (HKLM-x32\...\Subsonic) (Version:  - )

SyncBackFree (HKLM-x32\...\SyncBackFree_is1) (Version: 6.5.38.0 - 2BrightSparks)

TightVNC (HKLM\...\{D2372F87-7DA2-47F7-A102-AF2181B8EAA2}) (Version: 2.7.10.0 - GlavSoft LLC.)

TomTom HOME (HKLM-x32\...\{7A2BB1C8-903D-4585-9F3B-CADD67D07D37}) (Version: 2.9.8 - TomTom)

TomTom HOME Visual Studio Merge Modules (HKLM-x32\...\{8F3C31C5-9C3A-4AA8-8EFA-71290A7AD533}) (Version: 1.0.2 - TomTom International B.V.)

Toolbox (x32 Version: 140.0.596.000 - Hewlett-Packard) Hidden

TrayApp (x32 Version: 140.0.297.000 - Hewlett-Packard) Hidden

VLC media player 2.1.3 (HKLM-x32\...\VLC media player) (Version: 2.1.3 - VideoLAN)

WebReg (x32 Version: 140.0.297.017 - Hewlett-Packard) Hidden

Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3505.0912 - Microsoft Corporation)

XAMPP (HKLM-x32\...\xampp) (Version: 1.8.2-6 - Bitnami)

Xvid Video Codec (HKLM-x32\...\Xvid Video Codec 1.3.3) (Version: 1.3.3 - Xvid Team)

 

==================== Custom CLSID (selected items): ==========================

 

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)

 

CustomCLSID: HKU\S-1-5-21-1311062009-36715212-3114003710-1001_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\Jeff\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)

CustomCLSID: HKU\S-1-5-21-1311062009-36715212-3114003710-1001_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Jeff\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)

CustomCLSID: HKU\S-1-5-21-1311062009-36715212-3114003710-1001_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Jeff\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)

CustomCLSID: HKU\S-1-5-21-1311062009-36715212-3114003710-1001_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Jeff\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)

CustomCLSID: HKU\S-1-5-21-1311062009-36715212-3114003710-1001_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Jeff\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)

CustomCLSID: HKU\S-1-5-21-1311062009-36715212-3114003710-1001_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Jeff\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)

CustomCLSID: HKU\S-1-5-21-1311062009-36715212-3114003710-1001_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Jeff\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)

CustomCLSID: HKU\S-1-5-21-1311062009-36715212-3114003710-1001_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Jeff\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)

CustomCLSID: HKU\S-1-5-21-1311062009-36715212-3114003710-1001_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Jeff\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)

 

==================== Restore Points  =========================

 

30-10-2014 04:11:44 Scheduled Checkpoint

03-11-2014 05:17:13 Installed EpsonNet Print

05-11-2014 05:55:43 Installed Software Updater

08-11-2014 22:02:51 Windows Update

12-11-2014 05:30:56 Windows Update

 

==================== Hosts content: ==========================

 

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

 

2013-08-22 05:25 - 2013-08-22 05:25 - 00000824 ____A C:\WINDOWS\system32\Drivers\etc\hosts

 

==================== Scheduled Tasks (whitelisted) =============

 

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

 

Task: {0711DEE6-68A7-489F-94F2-9EB4708D8D8E} - System32\Tasks\SystemToolsDailyTest => uaclauncher.exe

Task: {110D1E11-C1E3-436F-B7CC-13094C23A9E0} - System32\Tasks\EPSON WF-3620 Series Invitation {7F847599-713C-41FD-9943-03D5940A6824} => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_YTSKEE.EXE [2013-02-28] (SEIKO EPSON CORPORATION)

Task: {20F7F339-2AC0-4FA6-A334-5F3F92ED38FA} - System32\Tasks\EPSON WF-3620 Series Update {F786A631-072D-4D7F-A38A-EFA0E61E7CF9} => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_YTSKEE.EXE [2013-02-28] (SEIKO EPSON CORPORATION)

Task: {296BE6B7-7753-4677-9BEB-921B8CA7E754} - System32\Tasks\EPSON WF-3620 Series Invitation {F786A631-072D-4D7F-A38A-EFA0E61E7CF9} => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_YTSKEE.EXE [2013-02-28] (SEIKO EPSON CORPORATION)

Task: {4156E0E9-54AA-41E0-A9B8-FD2BE37643D8} - System32\Tasks\AdobeAAMUpdater-1.0-upstairs-office-Jeff => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2014-09-19] (Adobe Systems Incorporated)

Task: {53E3CF9D-BE85-4022-AD92-BFAE64AFE791} - System32\Tasks\Dell\Dell System Registration => C:\Program Files (x86)\System Registration\prodreg.exe [2012-07-09] (Dell, Inc.)

Task: {74573C65-E219-42B1-923B-15143C55BBF3} - System32\Tasks\EPSON WF-3620 Series Update {7F847599-713C-41FD-9943-03D5940A6824} => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_YTSKEE.EXE [2013-02-28] (SEIKO EPSON CORPORATION)

Task: {7A358956-281D-4D92-8D1B-19F09C145739} - System32\Tasks\PCDoctorBackgroundMonitorTask => C:\Program Files\My Dell\uaclauncher.exe [2014-01-31] (PC-Doctor, Inc.)

Task: {A836FA1C-18F1-465A-9D3E-FA436AC4B15A} - System32\Tasks\AdobeAAMUpdater-1.0-upstairs-office-Tracy => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2014-09-19] (Adobe Systems Incorporated)

Task: {B295500F-53A7-4063-A1AC-20443D0BF19E} - System32\Tasks\CLVDLauncher => C:\Program Files (x86)\CyberLink\Power2Go8\CLVDLauncher.exe [2012-12-02] (CyberLink Corp.)

Task: {C2D780D1-9650-4F2C-8493-506DDE8ACDBA} - System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473-Logon => c:\Program Files (x86)\Intel\Intel® Update Manager\bin\iumsvc.exe [2014-02-28] ()

Task: {C4930F57-5044-4F7D-90BD-BB10A6C37E43} - System32\Tasks\PCDEventLauncherTask => C:\Program Files\My Dell\sessionchecker.exe [2014-01-31] (PC-Doctor, Inc.)

Task: {C7A79EF0-EB81-4C90-A1CF-1E0A3C5CC10D} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2014-10-30] (Piriform Ltd)

Task: {D736C959-E7CE-4D2B-B570-54D2227396F9} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-03-29] (Google Inc.)

Task: {D7BFC918-BD65-4E82-B581-B5DEA654437B} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-03-29] (Google Inc.)

Task: {DD48053F-CF9A-4751-A613-A496605BDBED} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2014-11-11] (Microsoft Corporation)

Task: {F4FAB109-1A38-4CFA-A2AE-33C3EC968ACA} - System32\Tasks\CLMLSvc_P2G8 => C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe [2012-12-02] (CyberLink)

Task: {F9DEFB81-55FC-4E09-B612-0549F91A4C19} - System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473 => C:\Program Files (x86)\Intel\Intel® Update Manager\bin\iumsvc.exe [2014-02-28] ()

Task: C:\WINDOWS\Tasks\EPSON WF-3620 Series Invitation {7F847599-713C-41FD-9943-03D5940A6824}.job => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_YTSKEE.EXE

Task: C:\WINDOWS\Tasks\EPSON WF-3620 Series Invitation {F786A631-072D-4D7F-A38A-EFA0E61E7CF9}.job => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_YTSKEE.EXE

Task: C:\WINDOWS\Tasks\EPSON WF-3620 Series Update {7F847599-713C-41FD-9943-03D5940A6824}.job => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_YTSKEE.EXE

Task: C:\WINDOWS\Tasks\EPSON WF-3620 Series Update {F786A631-072D-4D7F-A38A-EFA0E61E7CF9}.job => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_YTSKEE.EXE

Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

 

==================== Loaded Modules (whitelisted) =============

 

2013-12-02 20:56 - 2012-04-24 18:43 - 00254512 ____N () C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe

2014-09-21 04:42 - 2014-09-21 04:42 - 00259584 _____ () C:\Program Files (x86)\Subsonic\subsonic-service.exe

2014-03-29 16:42 - 2014-03-04 05:05 - 00116056 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll

2014-09-26 13:41 - 2014-09-26 13:41 - 01021088 _____ () C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll

2014-05-01 11:29 - 2014-05-01 11:29 - 00098304 _____ () C:\Program Files (x86)\FileZilla FTP Client\fzshellext_64.dll

2012-12-28 13:39 - 2012-12-28 13:39 - 00011264 _____ () C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\Modules\ActivateDesktopDebugger\ActivateDesktopDebugger.dll

2012-12-28 13:36 - 2012-12-28 13:36 - 00084480 _____ () C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\Modules\Map\MAP.dll

2012-12-28 13:41 - 2012-12-28 13:41 - 00012928 _____ () C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\ActivateDesktop.exe

2014-09-21 04:42 - 2014-09-21 04:42 - 00253952 _____ () C:\Program Files (x86)\Subsonic\subsonic-agent.exe

2012-12-28 13:42 - 2012-12-28 13:42 - 00384128 _____ () C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\ContactsApi.dll

2014-02-12 19:58 - 2014-02-12 19:58 - 00073544 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll

2014-10-11 12:05 - 2014-10-11 12:05 - 01044776 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll

2013-12-02 20:45 - 2013-07-16 17:39 - 01199576 _____ () C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\ACE.dll

2014-11-15 15:11 - 2014-11-15 15:11 - 00043008 _____ () c:\users\jeff\appdata\local\temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmp8pg0mh.dll

2013-08-23 11:01 - 2013-08-23 11:01 - 25100288 _____ () C:\Users\Jeff\AppData\Roaming\Dropbox\bin\libcef.dll

2014-08-26 15:47 - 2014-08-26 15:47 - 00436576 _____ () C:\Program Files (x86)\Evernote\Evernote\libxml2.dll

2014-08-26 15:47 - 2014-08-26 15:47 - 00318304 _____ () C:\Program Files (x86)\Evernote\Evernote\libtidy.dll

2013-12-02 20:54 - 2012-06-07 19:34 - 00627216 _____ () C:\Program Files (x86)\CyberLink\Power2Go8\CLMediaLibrary.dll

2012-06-08 11:34 - 2012-06-08 11:34 - 00016400 _____ () C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvcPS.dll

 

==================== Alternate Data Streams (whitelisted) =========

 

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)

 

AlternateDataStreams: C:\Users\Jeff\SkyDrive:ms-properties

AlternateDataStreams: C:\Users\Jeff\Documents\Matt, Jennifer, Olive and Theo Contact Info.eml:OECustomProperty

AlternateDataStreams: C:\Users\Jeff\Documents\REVIEW_ QUALLS ON LIKHACHEV, _REFLECTIONS ON THE RUSSIAN SOUL_.eml:OECustomProperty

AlternateDataStreams: C:\Users\Jeff\Documents\Re_ help w_ Dziga Vertov research.eml:OECustomProperty

AlternateDataStreams: C:\Users\Lucy\Documents\Science project sources.docx:AFP_AfpInfo

 

==================== Safe Mode (whitelisted) ===================

 

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

 

 

==================== EXE Association (whitelisted) =============

 

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)

 

 

==================== MSCONFIG/TASK MANAGER disabled items =========

 

(Currently there is no automatic fix for this section.)

 

HKLM\...\StartupApproved\Run32: => "Acrobat Assistant 8.0"

HKLM\...\StartupApproved\Run32: => "Adobe Creative Cloud"

HKLM\...\StartupApproved\Run32: => "Adobe ARM"

HKLM\...\StartupApproved\Run32: => "BCSSync"

HKLM\...\StartupApproved\Run32: => "RemoteControl10"

HKLM\...\StartupApproved\Run32: => "QuickTime Task"

HKCU\...\StartupApproved\Run: => "DellSystemDetect"

HKCU\...\StartupApproved\Run: => "Amazon Cloud Player"

HKCU\...\StartupApproved\Run: => "TomTomHOME.exe"

 

========================= Accounts: ==========================

 

Administrator (S-1-5-21-1311062009-36715212-3114003710-500 - Administrator - Disabled)

Amos (S-1-5-21-1311062009-36715212-3114003710-1008 - Limited - Enabled) => C:\Users\Amos

Guest (S-1-5-21-1311062009-36715212-3114003710-501 - Limited - Disabled)

HomeGroupUser$ (S-1-5-21-1311062009-36715212-3114003710-1007 - Limited - Enabled)

Jeff (S-1-5-21-1311062009-36715212-3114003710-1001 - Administrator - Enabled) => C:\Users\Jeff

Lucy (S-1-5-21-1311062009-36715212-3114003710-1009 - Limited - Enabled) => C:\Users\Lucy

Tracy (S-1-5-21-1311062009-36715212-3114003710-1010 - Limited - Enabled) => C:\Users\Tracy

 

==================== Faulty Device Manager Devices =============

 

 

==================== Event log errors: =========================

 

Application errors:

==================

 

System errors:

=============

Error: (11/13/2014 08:32:32 PM) (Source: Service Control Manager) (EventID: 7031) (User: )

Description: The Windows Media Player Network Sharing Service service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 30000 milliseconds: Restart the service.

 

Error: (11/13/2014 08:32:32 PM) (Source: Service Control Manager) (EventID: 7034) (User: )

Description: The SoftThinks Agent Service service terminated unexpectedly.  It has done this 1 time(s).

 

Error: (11/13/2014 08:32:32 PM) (Source: Service Control Manager) (EventID: 7034) (User: )

Description: The Intel® Management and Security Application Local Management Service service terminated unexpectedly.  It has done this 1 time(s).

 

Error: (11/13/2014 08:32:32 PM) (Source: Service Control Manager) (EventID: 7034) (User: )

Description: The Intel® Dynamic Application Loader Host Interface Service service terminated unexpectedly.  It has done this 1 time(s).

 

Error: (11/13/2014 08:32:32 PM) (Source: Service Control Manager) (EventID: 7034) (User: )

Description: The Intel® ME Service service terminated unexpectedly.  It has done this 1 time(s).

 

Error: (11/13/2014 08:32:32 PM) (Source: Service Control Manager) (EventID: 7031) (User: )

Description: The IconMan_R service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 60000 milliseconds: Restart the service.

 

Error: (11/13/2014 08:32:32 PM) (Source: Service Control Manager) (EventID: 7034) (User: )

Description: The Intel® Rapid Storage Technology service terminated unexpectedly.  It has done this 1 time(s).

 

Error: (11/13/2014 08:32:32 PM) (Source: Service Control Manager) (EventID: 7034) (User: )

Description: The TomTomHOMEService service terminated unexpectedly.  It has done this 1 time(s).

 

Error: (11/13/2014 08:32:32 PM) (Source: Service Control Manager) (EventID: 7031) (User: )

Description: The TightVNC Server service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 5000 milliseconds: Restart the service.

 

Error: (11/13/2014 08:32:32 PM) (Source: Service Control Manager) (EventID: 7034) (User: )

Description: The ZAtheros Wlan Agent service terminated unexpectedly.  It has done this 1 time(s).

 

 

Microsoft Office Sessions:

=========================

 

CodeIntegrity Errors:

===================================

  Date: 2014-11-15 11:31:57.378

  Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Program Files\Common Files\microsoft shared\OFFICE14\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.

 

  Date: 2014-11-13 17:23:36.534

  Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Program Files\Common Files\microsoft shared\OFFICE14\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.

 

  Date: 2014-11-12 20:37:11.468

  Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Program Files\Common Files\microsoft shared\OFFICE14\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.

 

  Date: 2014-11-10 16:49:08.329

  Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

 

  Date: 2014-11-10 16:49:08.022

  Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

 

  Date: 2014-11-08 19:46:31.044

  Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Program Files\Common Files\microsoft shared\OFFICE14\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.

 

  Date: 2014-11-01 18:34:03.303

  Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

 

  Date: 2014-11-01 18:34:03.178

  Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

 

  Date: 2014-11-01 18:34:02.584

  Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

 

  Date: 2014-11-01 18:34:02.444

  Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

 

 

==================== Memory info =========================== 

 

Processor: Intel® Core i5-4440 CPU @ 3.10GHz

Percentage of memory in use: 23%

Total physical RAM: 8143.23 MB

Available physical RAM: 6206.89 MB

Total Pagefile: 9423.23 MB

Available Pagefile: 7272.38 MB

Total Virtual: 131072 MB

Available Virtual: 131071.84 MB

 

==================== Drives ================================

 

Drive c: (OS) (Fixed) (Total:917.26 GB) (Free:752.35 GB) NTFS

Drive e: (Disk 2) (Fixed) (Total:1397.26 GB) (Free:1264.17 GB) NTFS

 

==================== MBR & Partition Table ==================

 

========================================================

Disk: 0 (Size: 931.5 GB) (Disk ID: D5D3F389)

 

Partition: GPT Partition Type.

 

========================================================

Disk: 1 (MBR Code: Windows XP) (Size: 1397.3 GB) (Disk ID: 18AC11E4)

Partition 1: (Not Active) - (Size=1397.3 GB) - (Type=07 NTFS)

 

==================== End Of Log ============================

Link to post
Share on other sites

Update me on your machine's status.

ESETOnline.png Scan with ESET Online Scanner

This step can only be done using Internet Explorer, Google Chrome or Mozilla Firefox.

Temporary disable your AntiVirus and AntiSpyware protection - instructions here.

Please visit ESET Online Scanner website.

Click there Run ESET Online Scanner.

If using Internet Explorer:

  • Accept the Terms of Use and click Start.
  • Allow the running of add-on.
If using Mozilla Firefox or Google Chrome:
  • Download esetsmartinstaller_enu.exe that you'll be given link to.
  • Double click esetsmartinstaller_enu.exe.
  • Allow the Terms of Use and click Start.
To perform the scan:
  • Make sure that Enable detecion of potentially unwanted applications is checked.
  • In the Advanced Settings dropdown menu:
    • Make sure that Remove found threats is unchecked.
    • Scan archives is checked.
    • Scan for potentially unsafe applications and Enable Anti-Stealth technology are checked.
    • Use custom proxy settings is unchecked.
  • Click Start
  • The program will begin to download it's virus database. The speed may vary depending on your Internet connection.
  • When completed, the program will begin to scan. This may take several hours. Please, be patient.
  • Do not do anything on your machine as it may interrupt the scan.
  • When the scan is done, click Finish.
  • A logfile will be created at C:\Program Files (x86)\ESET\ESET Online Scanner. Open it using Notepad.
Please include this logfile in your next reply.

Don't forget to re-enable previously switched-off protection software!

51c9d14017fa0-SecurityCheck.PNG Scan with Security Check

Please download Security Check by Screen317 and save it to your desktop.

  • Right-click on 51c9d14017fa0-SecurityCheck.PNG icon and select RunAsAdmin.jpg Run as Administrator to start the tool.
  • Follow onscreen instructions inside the black box. This scan won't take long.
  • Soon a notepad document called checkup.txt will open automaticaly.
Please include the content of that document.
Link to post
Share on other sites

I don't think there's anything to update. The machine shows the same behavior it did when we started. I accidentally installed BrowserSafeguard with RocketTab. Uninstalling using Programs & Features does not work. Also tried Revo Uninstaller but the program doesn't show up at all there. My dad managed to keep it from running at startup by deleting some registry keys, but I still see it listed in Programs & Features and I want to be sure it is gone from my system. What do I need to do?

I should add that browsersafeguard with rockettab only shows up in the user account I was originally running the tests on. The administrator account is unaffected. Have you noticed anything in the logs I have posted so far?

Link to post
Share on other sites

ESETSmartInstaller@High as downloader log:

all ok

# product=EOS

# version=8

# OnlineScannerApp.exe=1.0.0.1

# OnlineScanner.ocx=1.0.0.7623

# api_version=3.0.2

# EOSSerial=40e9e6f057aec9478039730668bd55e7

# engine=21119

# end=stopped

# remove_checked=false

# archives_checked=true

# unwanted_checked=true

# unsafe_checked=true

# antistealth_checked=false

# utc_time=2014-11-16 11:33:33

# local_time=2014-11-16 03:33:33 (-0800, Pacific Standard Time)

# country="United States"

# lang=1033

# osver=6.2.9200 NT 

# compatibility_mode_1=''

# compatibility_mode=5893 16776573 100 94 0 6398732 0 0

# scanned=24605

# found=2

# cleaned=0

# scan_time=533

sh=85C2E758DADB8A93064CA5CEDF96BC69C021B84C ft=1 fh=1f9bbc275addc6d3 vn="Win32/Bundled.Toolbar.Google.D potentially unsafe application" ac=I fn="C:\$Recycle.Bin\S-1-5-21-1311062009-36715212-3114003710-1001\$R4DUW7B.exe"

sh=0A75721B87275CA9C53AAE14A3D90E4B63FC0742 ft=1 fh=c1d2c9d66908a615 vn="a variant of MSIL/Adware.iBryte.F application" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Lucy\AppData\Local\Search Extensions\Client.exe.vir"
Link to post
Share on other sites

 Results of screen317's Security Check version 0.99.89  

   x64 (UAC is enabled)  

 Internet Explorer 11  

``````````````Antivirus/Firewall Check:`````````````` 

 Windows Firewall Enabled!  

Windows Defender   

 WMI entry may not exist for antivirus; attempting automatic update. 

`````````Anti-malware/Other Utilities Check:````````` 

 Java 7 Update 71  

 Java version out of Date! 

 Adobe Flash Player 15.0.0.152  

 Mozilla Firefox 32.0.3 Firefox out of Date!  

 Google Chrome 38.0.2125.104  

 Google Chrome 38.0.2125.111  

````````Process Check: objlist.exe by Laurent````````  

 Windows Defender MSMpEng.exe 

`````````````````System Health check````````````````` 

 Total Fragmentation on Drive C:  % 

````````````````````End of Log`````````````````````` 
Link to post
Share on other sites

OK, let's see the fresh logs.

FRST.gif Scan with Farbar Recovery Scan Tool

Please re-run Farbar Recovery Scan Tool.

  • Right-click on FRST.gif icon and select RunAsAdmin.jpg Run as Administrator to start the tool.

    > XP users click run after receipt of Windows Security Warning - Open File.

    > 8 users will be prompted about Windows SmartScreen protection - click More information and Run.

  • Make sure that Addition option is checked.
  • Press Scan button and wait.
  • The tool will produce two logfiles on your desktop: FRST.txt and Addition.txt.
Please include their content in your next reply.

51a612a8b27e2-Zoek.png Scan with ZOEK

Please download ZOEK by Smeenk and save it to your desktop (preferred version is the *.exe one)

Temporary disable your AntiVirus and AntiSpyware protection - instructions here.

  • Right-click on 51a612a8b27e2-Zoek.png icon and select RunAsAdmin.jpg Run as Administrator to start the tool.
  • Wait patiently until the main console will appear, it may take a minute or two.
  • In the main box please paste in the following script:

    createsrpoint;process;drivers-services-list;systemspecs;startupall;skipfix-iedefaults;firefoxlook;chromelook;filesrcm;installedprogs;
  • Make sure that Scan All Users option is checked.
  • Push Run Script and wait patiently. The scan may take a couple of minutes.
  • When the scan completes, a zoek-results logfile should open in notepad.
  • If a reboot is needed, it will be opened after it. You may also find it at your main drive (usually C:\ drive)
Please include its content in your next reply.

Don't forget to re-enable your switched-off protection software!

Link to post
Share on other sites

  • 3 months later...
  • Root Admin

Due to the lack of feedback this topic is closed to prevent others from posting here. If you need this topic reopened, please send a Private Message to any one of the moderating team members. Please include a link to this thread with your request. This applies only to the originator of this thread.

Other members who need assistance please start your own topic in a new thread. Thanks!

Link to post
Share on other sites

Guest
This topic is now closed to further replies.
 Share

  • Recently Browsing   0 members

    • No registered users viewing this page.
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.